When visiting The Internet Archive today, The Verge was greeted by a pop-up message claiming the site has been hacked. After closing the message, the site loaded normally, albeit slowly.
Here’s what it says:
“Have you ever felt like the Internet Archive runs on sticks and is constantly on the verge of suffering a catastrophic security breach? It just happened. See 31 million of you on HIBP!”
HIBP refers to Have I Been Pwned?, a website where people can look up whether or not their information has been published in data leaked from cyber attacks. It’s unclear what is happening with the site, but attacks on services like TweetDeck have exploited XSS or cross-site scripting vulnerabilities with similar effects.
Jason Scott, an archivist and software curator of The Internet Archive, said the site was experiencing a DDoS attack, posting on Mastodon that “According to their twitter, they’re doing it just to do it. Just because they can. No statement, no idea, no demands.”
An account called SN_Blackmeta claimed credit for five hours of attack this afternoon, and implied that it plans another, longer attack for tomorrow:
The Internet archive has and is suffering from a devastating attack We have been launching several highly successful attacks for five long hours and, to this moment, all their systems are completely down.
second round | New attack
09/10/2024 Duration 6 hours… pic.twitter.com/SL9lz4gSld— _ (@Sn_darkmeta) October 9, 2024
We’ve reached out to the organization to learn more information.
source https://www.theverge.com/2024/10/9/24266419/internet-archive-ddos-attack-pop-up-message