The Internet Archive is under attack, with a popup claiming a ‘catastrophic’ breach - A popup message claims the online archive has suffered “a catastrophic security breach,” as its operators say the site has been DDOS’d for days.

Article
Archive




When visiting The Internet Archive (www.archive.org) on Wednesday afternoon, The Verge was greeted by a pop-up claiming the site had been hacked. After closing the message, the site loaded normally, albeit slowly.

However, as of 5:30PM ET, the popup was gone, but so was the rest of the site, leaving only a placeholder message saying “Internet Archive services are temporarily offline” and directing visitors to the site’s account on X for updates.

Here’s what the popup said:

“Have you ever felt like the Internet Archive runs on sticks and is constantly on the verge of suffering a catastrophic security breach? It just happened. See 31 million of you on HIBP!”

HIBP refers to Have I Been Pwned?, a website where people can look up whether or not their information has been published in data leaked from cyber attacks. It’s unclear what is happening with the site, but attacks on services like TweetDeck have exploited XSS or cross-site scripting vulnerabilities with similar effects.

Jason Scott, an archivist and software curator of The Internet Archive, said the site was experiencing a DDoS attack, posting on Mastodon that “According to their twitter, they’re doing it just to do it. Just because they can. No statement, no idea, no demands.”

An account on X called SN_Blackmeta said it was behind the attack and implied that another attack was planned for tomorrow. The account also posted about DDoSing the Archive in May, and Scott has previously posted about attacks seemingly aimed at disrupting the Internet Archive.

We’ve reached out to the organization to learn more information.

----

Link to discussion regarding the breach on Hacker News

 

[Toji Suzuhara]

What are going to do then if all the other archive sites the Farms relies on go down?

I bet that Null's gonna make his own archive site when it comes to that. We then archive the archives there, easy

 

[TheHarbinger]

Just download whatever website you want to preserve using SingleFile.

That doesn't work for the millions of files hosted on Archive.org that are media files like digitized books, movies, newscasts, radio shows, television shows, scanned art books, video game guides, and so on. Some collections of those types of media are basically exclusive to the Internet Archive and are very difficult to reliably find in other places.

 

[Gog & Magog]

I bet that Null's gonna make his own archive site when it comes to that. We then archive the archives there, easy

That sounds expensive. Very expensive.

 

[Joe Swanson]

Wow, maybe if the internet archive wasn't run by retarded socialists they wouldn't be having so many problems

 

[UERISIMILITUDO]

I'd like to share with you Gwern's method of archiving URLs:

https://gwern.net/timestamping

 

[reptile baht spaniard rid]

I bet that Null's gonna make his own archive site when it comes to that. We then archive the archives there, easy

The advantage of the current archive sites is they’re trusted. Nobody will trust kiwichive. Even PDFs can be faked. It’s the end of an era that will occur, it’s just when.

 

[General Insomnia]

The advantage of the current archive sites is they’re trusted. Nobody will trust kiwichive. Even PDFs can be faked. It’s the end of an era that will occur, it’s just when.

Normie's trust. I don't trust shit, I can make a fake app and scroll through it, fake a website/chat log/voice no prob.

 

[Agent Abe Caprine]

Interesting that this is happening just a month before the presidential erection.

 

[Diesel Boogaloo]

That doesn't work for the millions of files hosted on Archive.org that are media files like digitized books, movies, newscasts, radio shows, television shows, scanned art books, video game guides, and so on. Some collections of those types of media are basically exclusive to the Internet Archive and are very difficult to reliably find in other places.

Those, you can just download the normal way.
The media archive still works, although it feels a bit more sluggish than usual.

Interesting that this is happening just a month before the presidential erection.

Don't fix that typo.

 

[snort inquisition]

why were people registering to use this site? not sure i understand what the issue is here honestly, what is the point of having an account?

 

[AnOminous]

Boy, I sure do love it when they attack helpful sites that do no harm but leave all the bad sites up. Fuck, I hope they nail this guy's balls to wall. Getting so tired of these hacks on well-meaning sites.

DDoS isn't good against "bad" sites either. The collateral damage and cost of all this bullshit on innocent bystanders is probably in the hundreds of billions. Maybe even over a trillion. It's hard to know. Often it doesn't just take out the target but the entire ISP the target is on, sometimes even their upstreams.

Also, critique IA for inconsistent enforcement of their content deletion policies all you want but I have to give credit and respect for having such a comprehensive collection of website snapshots dating so far back into the lifespan of the mainstream web. That data is invaluable to me.

To be fair, they can't really afford to fight every single takedown request because eventually they'd lose one (and actually have recently lost bigtime), but to go right back to being unfair again, fuck them because they took us down based on complete lies just because they don't like us.

 

['Ole Dente]

View attachment 6504606
In my opinion it looks like IA has a downloading vulnerability and this clout chasing moron is abusing it to take the site down. Probably spamming download requests from a bot net.

Israel is bombing Palestine, so of course the prudent course of action to cease hostilities and do your part is….make sure I can’t download MediEvil for the PS1.

There’s no shortage of pedophile/monkey torture websites you can attack but heaven forbid if I play PS1 tonight otherwise Israel wins. We’ll leave actually doing good to Kiwi Farms, regularly maligned I might add.

….I’m just mad about the PS1 thing. It’s fucking gay bros.

 

[AnOminous]

Israel is bombing Palestine, so of course the prudent course of action to cease hostilities and do your part is….make sure I can’t download MediEvil for the PS1.

Imagine attacking IA for shit the U.S. did when one of the things the U.S. has also done is make it virtually illegal for IA to operate at all. Fucking lobotomized faggot.

 

['Ole Dente]

Imagine attacking IA for shit the U.S. did when one of the things the U.S. has also done is make it virtually illegal for IA to operate at all. Fucking lobotomized faggot.

I hope he wakes up tonight to go take a piss and he stands at the toilet expecting the piss to come, but it doesn’t come and he’s like what the fuck, then the piss comes but he wasn’t ready so he pisses on his own floor, goes to bed, forgets, then his wife wakes up in the morning to pee and steps in the pee and he gets in fucking big shit.

 

[Swingletonthesimpleton]

I wonder what they are trying to hide?

In this? Nothing. Because nobody fucking uses the Internet archive given that they unarchived things on tranny whims.

My guess is either some group wanting attention, or maybe those publishers suing decided to take down the library the hardway

Now if it was archive.md then yeah. Somebody's hiding

 

[Mimic]

why were people registering to use this site? not sure i understand what the issue is here honestly, what is the point of having an account?

They made it mandatory to log in to see "mature" content, but anything could be labeled as such. PS1 ISOs for example.

 

[Freshly Baked Socks]

why were people registering to use this site?

I registered to upload content.

I guess everyone could now deduce who uploaded what more easily?

 

[Computer Guardian]

BleepingComputer Article | Archive

View attachment 6504682

Well well well

they really should have used extended ASCII for thier passwords becuase not doing so when you can makes it a lot easier to get hit by script kiddies with there being a lot less possibilities to sift through.

 

[N Space]

That doesn't work for the millions of files hosted on Archive.org that are media files like digitized books, movies, newscasts, radio shows, television shows, scanned art books, video game guides, and so on. Some collections of those types of media are basically exclusive to the Internet Archive and are very difficult to reliably find in other places.

That's what torrents are for.

 

[Markass the Worst]

On a long enough timeline, every site you use will have a breach like this eventually.

It's even happened to us. At least Null warns people to use a separate email and separate username. No other site gives enough of a shit to reduce the amount of data stored and inevitably leaked.

DDoS isn't good against "bad" sites either. The collateral damage and cost of all this bullshit on innocent bystanders is probably in the hundreds of billions. Maybe even over a trillion. It's hard to know. Often it doesn't just take out the target but the entire ISP the target is on, sometimes even their upstreams.

DDoS attacks are orchestrated by botnets which come from compromised computers, funding a DDoS is directly contributing to cybercrime. Good post from @CyrusKissFanClub about this here including how Liz-Fong Jones supported crime by wanting Cloudflare to drop us.