Tuesday, 11 September 2012

"We Were Not Hacked," Says Go Daddy

Yesterday I reported on the audacious hack by AnonymousOwn3r on Go Daddy, which knocked out most of the servers in Europe and the US. In a statement released today, Go Daddy claim it's not true. What's going on?

It all kicked off some time yesterday when people on G+ started to complain about their websites being down. Later on, people started posting links to news reports about a hack, in which Anonymous was blamed. I followed the links and wrote the report. Today, a different story is emerging with no clear pr0of of who is to blame one way or the other. The real question is, who are the winners, who are the losers, and what will happen next?

The winners

To some people it seems that Anonymous can do no wrong. Well if your livelihood doesn't depend on your website, and it's not hosted on Go Daddy, you're sorted. Get out the popcorn and watch the fun. But if you've paid for hosting for several years and that's where all your stuff is, it's a different matter. DNS was affected so even having your domain registered there makes you vulnerable... if indeed they were hacked. Go Daddy says,

The service outage was not caused by external influences. It was not a "hack" and it was not a denial of service attack (DDoS). We have determined the service outage was due to a series of internal network events that corrupted router data tables.

They're very sorry, needless to say. What's interesting is how they handled it; they handed over all their customers to VeriSign to get them back online.

Supporters are gathering round AnonymousOwn3r, egging him on to do it again. Some Anons are even offering support and the notoriety he has gained may spur him on to another attack... assuming he was telling the truth about what happened. At the time of writing, 40 minutes has elapsed since he claimed to have embarked on a hack of Go Daddy. It's still up. It looks like Go Daddy won the Credibility Contest here. VeriSign won the award for trustworthiness and the customers, if they lost at all, it was temporary. Everything is still online.

The losers

Well the biggest one is AnonymousOwn3r. He claimed to have embarked on a hack, pasted details on Pastebin, got Anonymous on side, then failed to deliver. Lesson to learn: don't brag till the deed is done.

Go Daddy is represented in the image above cocking an eyebrow, pursing lips, and looking down on wannabes. If they lost at all, it wasn't much. Being able to recover quickly from an outage, take responsibility for correcting mistakes, and have someone on side to pick up the slack helps. The hack, if it's being attempted at all, may be failing because everything is still at VeriSign.

A client contacted me today to ask if she should move. I said no. Go Daddy had an outage and instead of making excuses they sorted out the problem and put a plan in place to make it less likely to happen in future. Disruptions happen even on the best of servers. I really hope no one suffered too much as a result of the outage.

What will happen next?

Well at the moment, the hacker claims to have got hold of Go Daddy's source code. A lot of what he's saying doesn't add up. Follow this link. Look at the URL. Now check the source code. No hacking took place, that URL trick is easy to fake. As he continues to fail to deliver, he starts to use distraction by posting more stuff on Pastebin but people are noticing. DDoS attacks don't require hacks, they require lots of spammers using Slow Loris and LOIC. He's claiming to be hacking in order to launch a DDoS attack. Something doesn't sound right. Now people are calling him out and questioning his prowess as a hacker. Go Daddy is still up and running.

Get the popcorn

Prediction: nothing happens to Go Daddy, then a witch hunt by disgruntled "fans" track down AnonymousOwn3r and out him for fooling us (okay, me. He fooled me) and failing to provide the lulz. Corrupted router data tables are accepted as the source of the outage and we all get on with our lives.

No comments:

Post a Comment