Web Archive (Archive.org) Hacked for Second Time in a Month

The Web Archive (Archive.org) suffered a second safety breach in October 2024, exposing assist tickets by unrotated Zendesk API tokens. The group faces reputational harm and dangers to consumer knowledge.

The Web Archive, a non-profit group based by Brewster Kahle to protect the Web’s historical past, has been experiencing a collection of cyberattacks all through October 2024. It began on October ninth with a twin assault: a knowledge breach and a Distributed Denial-of-Service (DDoS) assault, which had been promptly reported by Hackread.com.

The assault was revealed with a message displayed on the Web Archive’s web site (archive.org), with the hackers themselves, taunting the group’s safety vulnerabilities and asserting the stolen knowledge on a web site referred to as “Have I Been Pwned?” (HIBP). 

Reportedly, the hackers exploited a GitLab token, compromising the Archive’s supply code and stealing consumer knowledge from 31 million accounts. This uncovered delicate info, together with Bcrypt-hashed passwords and e-mail addresses.

A Professional-Palestinian group SN_BlackMeta launched one other DDoS assault across the identical time, quickly knocking the location offline, together with the Wayback Machine, which collects snapshots of lots of of billions of internet pages. Whereas these assaults coincided, they had been probably performed by separate entities.

On October 18, Kahle confirmed that saved knowledge is secure and that “Wayback Machine, Archive-It, scanning, and national library crawls have resumed.” He additionally acknowledged that the group is taking a cautious strategy to rebuilding and strengthening defences.

Nevertheless, the Web Archive skilled one other safety breach on 20 October 2024, the place hackers exploited unrotated Zendesk API tokens to entry its assist platform. The breach uncovered hundreds of assist tickets courting again to 2018, doubtlessly containing private identification paperwork, and highlighted a crucial lapse within the Archive’s safety practices, resulting in a failure to rotate entry tokens commonly.

Internet Archive (Archive.org) Hacked for Second Time in a Month
In accordance with on-line malware repository VX-Underground, “The Internet Archive users are reporting to have received this e-mail. It appears that the person(s) who compromised The Internet Archive still maintain some form of persistent access and are trying to send a message.”

What Now for the Web Archive?

The Archive suffered a number of breaches as a result of vulnerabilities in its infrastructure, permitting attackers to entry consumer knowledge. It’s speculated that the assaults had been motivated by status fairly than monetary acquire, with hackers looking for recognition inside hacker communities. Though no ransom calls for had been made, the stolen knowledge poses dangers like phishing assaults and identification theft.

The Web Archive hasn’t but commented on the latest breach. Nonetheless, contemplating that it serves as a vital repository of historic digital info, the collection of assaults increase considerations in regards to the long-term security of this digital treasure trove and signifies the significance of sturdy cybersecurity measures. Common safety audits, safe coding practices, and immediate responses to vulnerabilities are important for safeguarding consumer knowledge and important infrastructure. 

  1. DDoS Assaults Hit France Over Telegram’s Pavel Durov Arrest
  2. Archive of Our Personal Web site Struggling Large DDoS Assaults
  3. Inspecting the US Authorities’s DDoS Safety Steerage Replace
  4. Panamorfi DDoS Assault Exploits Misconfigured Jupyter Notebooks
  5. Misconfigured AWS bucket uncovered 421GB of Paintings Archive knowledge

Recent articles

Postman Workspaces Leak 30000 API Keys and Delicate Tokens

SUMMARY 30,000 Public Workspaces Uncovered: CloudSEK identifies large information leaks...

What’s CRM? A Complete Information for Companies

Buyer relationship administration software program is a gross sales...