The popular fanfiction platform Archive of Our Own (AO3) is currently experiencing a wave of distributed-denial-of-service (DDoS) attacks that have forced the website offline since Monday. AO3 first acknowledged the outage on the company’s official Twitter account on July 10th at 8.24AM ET, later confirming that the issue was caused by “a DDoS attack” — a malicious cybercrime in which threat actors overwhelm a server with traffic — “causing the servers to fall over.”
A group claiming to be Anonymous Sudan has taken credit for the attack, and is demanding a ransom to stop the ongoing operation.
The AO3 team is currently trying to defend against the attack and restore the platform, warning that users may experience various error messages or encounter display issues with the site layout in the meantime. (The site has been completely unreachable for hours in our testing.) The company said that because DDoS attacks don’t compromise private user data, there’s no need for users to change their password in response to the outage. At the time of writing, no estimated timeline has been provided regarding when the archive will be back online. We have reached out to the Organization for Transformative Works, the non-profit parent organization of AO3, for comment and will update this story if we hear back.
A group on the Telegram messaging service claiming to be ‘hacktivist’ organization Anonymous Sudan has taken credit for the attack. According to threat intelligence vendor Flashpoint, Anonymous Sudan has been active since January 2023, claiming responsibility for DDoS attacks against Microsoft and various companies around Europe, though it appears that the group has no credible affiliation with the country of Sudan or the previous Anonymous group that operated within it.
AO3 has warned that these claims should be taken with a pinch of salt. “A group presenting themselves as a collective of religiously and politically motivated hackers has claimed responsibility for the attack,” the platform tweeted on Monday. “Cybersecurity experts believe the group claiming responsibility is lying about their affiliation and reasons for attacking websites. View the group’s statements with skepticism.”
The Anonymous Sudan group initially claimed the attack would persist for up to 24 hours, but has since issued a ransom demand for $30k worth of Bitcoin, threatening to keep AO3 down for weeks if the company doesn’t comply. The Organization for Transformative Works (and its AO3 project) is entirely supported by user donations and run by volunteers, which means the company is unlikely to be able to afford such a ransom even if this threat is revealed to be genuine.