The Internet Archive is under attack, with a popup claiming a ‘catastrophic’ breach - A popup message claims the online archive has suffered “a catastrophic security breach,” as its operators say the site has been DDOS’d for days.

Article
Archive




When visiting The Internet Archive (www.archive.org) on Wednesday afternoon, The Verge was greeted by a pop-up claiming the site had been hacked. After closing the message, the site loaded normally, albeit slowly.

However, as of 5:30PM ET, the popup was gone, but so was the rest of the site, leaving only a placeholder message saying “Internet Archive services are temporarily offline” and directing visitors to the site’s account on X for updates.

Here’s what the popup said:

“Have you ever felt like the Internet Archive runs on sticks and is constantly on the verge of suffering a catastrophic security breach? It just happened. See 31 million of you on HIBP!”

HIBP refers to Have I Been Pwned?, a website where people can look up whether or not their information has been published in data leaked from cyber attacks. It’s unclear what is happening with the site, but attacks on services like TweetDeck have exploited XSS or cross-site scripting vulnerabilities with similar effects.

Jason Scott, an archivist and software curator of The Internet Archive, said the site was experiencing a DDoS attack, posting on Mastodon that “According to their twitter, they’re doing it just to do it. Just because they can. No statement, no idea, no demands.”

An account on X called SN_Blackmeta said it was behind the attack and implied that another attack was planned for tomorrow. The account also posted about DDoSing the Archive in May, and Scott has previously posted about attacks seemingly aimed at disrupting the Internet Archive.

We’ve reached out to the organization to learn more information.

----

Link to discussion regarding the breach on Hacker News

 

[supersock12345]

Some good news, I guess:

https://x.com/brewster_kahle/status/1844790609573277792

https://nitter.poast.org/brewster_kahle/status/1844790609573277792

 

[AnotherPleb]

I am not happy about this. At all. And neither should you.

Internet Archive isn't just a static webpage archive like archive.today, they're basically a massive free file hosting website with no limits on upload size. Their storage space is in hundreds of petabytes, or thousands of terabytes, or simply put, millions of gigabytes. They have designed their own custom storage racks that can hold up to 1.4 petabytes of data per rack, and their server room generates so much heat it doubles as a building heater.
View attachment 6506744
As of 2021 the IA reported that they held ~212PB of data, that would be 212 millions of gigabytes worth of data. There is no way to back this up. If it's gone, it's gone. The unaffiliated Archive Team once attempted to do just that only to realize how futile it was. And no, torrents will never be able to replace what the IA has. That's why they're so paranoid about keeping their systems safe after the breach, and I hope that they will manage to pull through.

They also aren't as politically motivated as most believe they are. They had absolutely zero issues hosting Johnny Rebel songs, Moonman covers, RAC discographies or even full MATI episodes that people uploaded there. Their administration doesn't go around playing whack-a-mole with anything they disagree with politically, kiwifarms.net getting excluded from the Wayback Machine was simply the result of the complaint volume during the peak of #DropKiwiFarms campaign.

It should be in everyone's best interest for the Internet Archive to survive and keep operating, and for them to have a more competent leadership. Ideally one that'll invest in their networking infrastructure for once since it was always their Achilles' heel.

The fact that it's so neutral is why so many bad actors want the site gone. You know how people say the internet never forgets? It's thanks to sites like the Internet Archive.

I honestly don't think the actual glowies want IA to go anywhere. They use it themselves.

I think the glowies want the IA only accessible to them. All that information is dangerous if they can't control it.

 

[AnOminous]

Go hack/DDoS the Israeli government, what a lot of pussies.

The difference is Mossad will send someone to ventilate your cranium.

Don't care. Antiracist = antiwhite. I've uploaded thousands of hours worth of music and videos to the archive over the last two decades and if it disappeared tomorrow, oh well.

Antiwhite is literally racist. You can't be antiracist and racist at the same time, you'd like explode or something.

 

[cringe czar]

Hm, that sure is funny. An archive site of all things got attacked? I wonder why…

twitter archivers have been attacked before, if this was from a real security researcher it would've been quietly disclosed. This isn't from a skid either because they'd do some obnoxious bullshit or put in a redirect to a crypto scam. This is 100% someone mad their shit is on the internet forever.

now this has happened once, it's much more likely to happen again, any time an attack makes the news idiots pile in to be the next headline.

 

[Super-Chevy454]

Let's hope then some folks will create some forks of the Internet Archive.

 

[Xarpho's Return]

Let's hope then some folks will create some forks of the Internet Archive.

There are not enough rainbows for the post. The archive is 70 petabytes. You can't create a fork like that without major infrastructure and funding.

 

[Super-Chevy454]

There are not enough rainbows for the post. The archive is 70 petabytes. You can't create a fork like that without major infrastructure and funding.

Too bad, I guess it's even out of reach for Elon Musk...

 

[George Lucas]

Internet Archive has too much valuable information for the public good to be managed by apparently inept socialist retards. I would strongly consider using eminent domain to seize it all and give to someone competent.

 

[TheHarbinger]

There are not enough rainbows for the post. The archive is 70 petabytes. You can't create a fork like that without major infrastructure and funding.

You can fork individual data sets easily. They've already done work on this behind the scenes. Like archiving all books separately or old newspaper articles in certain collections or libraries. A full clone of the Internet Archive is obviously not really realistic but the demand for this is also rather low. But the most valuable collections within the site have backups that are offline. Obviously with this latest breach they clearly need a system in place to allow for faster duplication of their existing files.

Internet Archive has too much valuable information for the public good to be managed by apparently inept socialist retards. I would strongly consider using eminent domain to seize it all and give to someone competent.

They have severe issues with data and user security. Some of their bigger data leaks or compromises are not publicly known. I was shocked that they continue to have registration on the site considering their issues in the past. But I doubt that they will rethink forcing a login for more access in the future.

 

[Throng of Titans]

Internet Archive has too much valuable information for the public good to be managed by apparently inept socialist retards. I would strongly consider using eminent domain to seize it all and give to someone competent.

The last thing we want if we want competence is to introduce the government to the equation.

 

[George Lucas]

The last thing we want if we want competence is to introduce the government to the equation.

Eminent domain can be used to give property to a private citizen or organization. There is precedence to do this. You could have a charter that ensures several copies can be handled by various independent organizations, so not just one organization can fuck everything up.

 

[Aero the Alcoholic Bat]

This is why when I find anything worthwhile on the wayback machine, I always back it up immediately on archive.today.

 

[byron]

You could create an internet archive right now, charge $5 per month to mirror it, and enough people would subscribe to support you. Then you periodically put a hash on some blockchain and nobody would bother to hack you.

But you would definitely commit suicide via two shots to the back of the head

 

[Throng of Titans]

Eminent domain can be used to give property to a private citizen or organization. There is precedence to do this. You could have a charter that ensures several copies can be handled by various independent organizations, so not just one organization can fuck everything up.

Do you really think, in this day and age, it wouldn't just be promptly handed off to some DEI mess full of sheeboons, some Mossad branch, or an ((investment firm))? I don't like the current ownership, but it could be even worse than it is.

 

[Rozzy]

The fact that it's so neutral is why so many bad actors want the site gone.

Let's not forget, it's so neutral that it scrubbed all KiwiFarms pages from the archives.

 

[Avenue]

The DDoS'er (Darkmeta/Blackmeta/Eliron) posted a massive wall of (markup formatted) text to Xitter explaining his reasoning behind attacking the Internet Archive, its very long and boring so I let an AI summarize it.
(Full Xeet Nitter link) (Archive)
--- AI Summary ---
The text is a statement from the group SN_DARKMETA, addressing misconceptions about their recent DDoS attack on the Internet Archive. They clarify that they are not affiliated with any government and have been conducting cyber attacks for years against various corporations and institutions, particularly targeting Israeli entities to advocate for Palestinian rights.

They explain that the Internet Archive attack was intended as a test of security, not meant to disrupt services extensively, and they deny any involvement in data breaches, criticizing media narratives that link them to such incidents. They assert that the Internet Archive operates under a façade, claiming it engages in questionable practices despite being a nonprofit. The group emphasizes their commitment to amplifying overlooked voices and fighting for justice, particularly for marginalized communities.

Overall, the statement combines a defense of their actions with broader criticisms of the Internet Archive and its practices.
--- ---

 

[AnotherPleb]

Bullshit. They absolutely were hired by glowies.

 

[Super-Chevy454]

This is why when I find anything worthwhile on the wayback machine, I always back it up immediately on archive.today.

View attachment 6515819

Yeah and you can also save some of them on GhostArchive as well.

 

[AnOminous]

They assert that the Internet Archive operates under a façade, claiming it engages in questionable practices despite being a nonprofit.

These people are either retards or glowies but this is actually true.

The DDoS'er (Darkmeta/Blackmeta/Eliron) posted a massive wall of (markup formatted) text to Xitter explaining his reasoning behind attacking the Internet Archive, its very long and boring so I let an AI summarize it.

I had actually never contemplated the potential uses of AI in not having to read retarded tl;dr schizoposts.

 

[tehpope]

I hope I'm wrong, but I have a feeling that a lot of the questionable content will be gone once archive.org comes back. A lot of the antisemitic, conspiratorial, piracy (gaming roms, isos), fringe stuff will be wiped. No answers as to why. Its coincidental this is happening weeks before the election. But maybe I'm just schizoid.