[uticus]

Is it a genuine alert, or hacking artifact?

Sometimes with friendly / attempt-at-humorous error messages it’s difficult to tell

[jrochkind1]

I feel like it's safe to assume the official Internet Archive would not write a "friendly"/attempt-at-humurous/unprofessional/confusing/delivered-by-popup message advertising a devastating security breach. Oh also while announcing that nowhere else.

Obv an attackers ability to insert a message does imply a breach beyond a DoS. But I am pretty confident that message was not from the IA.

[n_i_k_h_i_l]

It's a literal window.alert()

[PLenz]

But was that code placed there by IA or by the malicious party?

[abracadaniel]

Verge reports someone has taken credit for an ongoing DDOS against IA. "An account on X called SN_Blackmeta said it was behind the attack and implied that another attack was planned for tomorrow" https://www.theverge.com/2024/10/9/24266419/internet-archive...

[dang]

Ok, let's switch to that link. Thanks!

Submitted URL was https://archive.org/.

[silexia]

The verge generally is clickbait, another site choice would have been better.

[dang]

That class of sites generally is, yes. But on HN we go by article quality, not site quality (https://hn.algolia.com/?dateRange=all&page=0&prefix=false&so...) and I didn't see a better specific article on this. If there is a better one, we can change the link again.

[varun_ch]

This bad actor has videos of them supposedly “ddosing” Spotify by pinging 1.1.1.1 in two terminal windows on their Twitter.

Is there any link between them and the real attack or are they just unrelated people claiming credit for it?

[seanw444]

Sounds snarky to me. I'll bet it was the malicious party.

[whimsicalism]

it wouldn’t be a window.alert if it were IA