GoDaddy hacked by Anonymous? Not likely.

How an improbable hack got some awkward media coverage

(John Harrelson/Getty Images)

Yesterday the massive Internet registrar/lowbrow advertiser GoDaddy went down, taking millions of web sites offline with it. Breaking news reports attributed the trouble to a hack by Anonymous. Later, these items were corrected to say that the hack was not the work of Anonymous as a whole, but that Twitter user @AnonymousOwn3r was claiming responsibility. Mashable called @AnonymousOwn3r ”the security leader of Anonymous,” which must be true because @AnonymousOwn3r calls themself “the security leader of Anonymous” on his or her Twitter profile (and an “official member” to boot).  CNN went with the more measured description of @AnonymousOwn3r as “a person affiliated with Anonymous.”

All of this is very silly. Anonymous isn’t an organized group of any kind and has no office or officer to make anything official. It has no leaders of security or of anything else, but I guess it does have affiliates. You become one by being anonymous on the Internet. Are you logged in to Macleans.ca right now as you read this? If not, you are a person affiliated with Anonymous.

Whoever @AnonymousOwn3r is, they’ve gained notoriety and thousands of new followers in the last 24 hours and are likely having a laugh at the media right now. It might be a big laugh, because @AnonymousOwn3r might have had nothing to do with GoDaddy’s troubles.

GoDaddy is claiming today that they were not, in fact, hacked at all. CEO Scott Wagner said in a statment today that the outage had nothing to do with a hack or with a denial of service attack, Anonymous’ brute force method of pushing sites offline. Instead, it was “due to a series of internal network events that corrupted router data tables” (which is totally what I thought it was from the start).

Could Wagner’s statement be face-saving bluster? Possibly, but if so, he would be playing a very risky game. Hackers are usually all too happy to provide technical proof of their deeds, and if necessary, demonstrate their “ownage” of a site by smacking it offline again. @AnonymousOwn3r is assuring doubters that he or she is the real deal and linking to GitHub text purportedly documenting GoDaddy’s vulnerabilities.

As security experts analyze this, we’ll find out who is lying: CEO Scott Wagner or @AnonymousOwn3r.

My best guess? GoDaddy went dark due to some internal technical glitch, some random indvidual took credit, the media ran with it, and “lulz” ensued.

Follow Jesse on Twitter @JesseBrown




Browse

GoDaddy hacked by Anonymous? Not likely.

  1. We are legion. Well, we probably are. Or not. I may or may not be a part of it. Probably not, actually, now that I stop to think about it. So much for my 15 minutes of fame…

  2. I applied to join but was rejected by the membership committee based on my own recommendation.
    ~ waggling eyebrows and waving cigar ~

  3. Lately, it seems like there have been a number of high profile outages. Whether it is the numerous outages at Amazon AWS, Google Apps, or this recent GoDaddy outage – one trend is that these are all very large infrastructures. With size comes attention. And with that attention, one must be vigilant.

    Here is another interesting blog on this outage:
    http://www.dincloud.com/blog/Cloud-Security-and-Outage-Trends

    Hope you’ll find it full of interesting information.

  4. Wow, first FBI denial, now GoDaddy denial. This is getting very comical…guys comon, just admit it..Both you of just…got…PWND..

    • And the fact that this was a glitch…ya, whatever…millions of sites went offline for a long time…that was a hell of a glitch. DDoS attack symptoms usually include:
      1. Long response time to site
      2. Redirects are attempted by webserver if primary is down (you’ll see this for a while)
      This was a DDoS attack, plain and simple.

      The UDID thing: Wow, I actually saw this file after doing an OpenSSL and I have to tell you: It was pretty funny when I saw ‘UDID’,XXX,’FBI Surveillance VAN’, ‘iPhone’…
      Saw some other FBI ones on there..hilarious. BlueToad just happen to be on there..so they pointed at them to blame…probably paid off big time to lie so blame is divereted away from FBI.

      Welcome to our New Order!

      • ur Wr0nG bCuz Ur a Kl0wnn – DoS/DDoS att@cks can be f1xed quicKly wh3r3a$ routing/hardware Kann0T

  5. Look at http://www.bayouprinting.com, this site is hosted at GoDaddy, it says hacked by anonymous. This isnt some outage or a DDOS attack, the site got hacked. I hate the way people try and cover things up, now I’m stuck explaining to a client what happened

  6. Anonymous is a portal for sloppy teenage hackers.

Sign in to comment.