When visiting The Internet Archive today, The Verge was greeted by a pop-up message claiming the site has been hacked. After closing the message, the site loaded normally, albeit slowly.
“Have you ever felt like the Internet Archive runs on sticks and is constantly on the verge of suffering a catastrophic security breach? It just happened. See 31 million of you on HIBP!”
HIBP refers to Have I Been Pwned?, a website where people can look up whether or not their information has been published in data leaked from cyber attacks. It’s unclear what is happening with the site, but attacks on services like TweetDeck have exploited XSS or cross-site scripting vulnerabilities with similar effects.
Jason Scott, an archivist and software curator of The Internet Archive, said the site was experiencing a DDoS attack, posting on Mastodon that “According to their twitter, they’re doing it just to do it. Just because they can. No statement, no idea, no demands.”
An account called SN_Blackmeta claimed credit for five hours of attack this afternoon, and implied that it plans another, longer attack for tomorrow:
We’ve reached out to the organization to learn more information.