
Dropbox is down - sam1r
dropbox.com
======
minimaxir
Apparently the website has been compromised:
[https://twitter.com/1775Sec/status/421820685766250496](https://twitter.com/1775Sec/status/421820685766250496)

The hackers are also threatening a database leak:
[https://twitter.com/1775Sec/status/421822727331131392](https://twitter.com/1775Sec/status/421822727331131392)

EDIT: Dropbox's statement is that it's maintenance issues:
[https://tech.dropbox.com/2014/01/dropbox-status-update/](https://tech.dropbox.com/2014/01/dropbox-status-update/)

EDIT2: There is a high probability that the Twitter account is faking the
hack, due to the "proof" of the hack being taken from an old dump.

EDIT3: The account admits they did not hack Dropbox, just DDOSed it.
[https://twitter.com/1775Sec/status/421848589480910848](https://twitter.com/1775Sec/status/421848589480910848)

~~~
citruspi
They say they're doing it in honor of Aaron Swartz[0]. (It's the eve of his
death).

[0]:
[https://twitter.com/1775Sec/status/421831664239509504](https://twitter.com/1775Sec/status/421831664239509504)

~~~
possibilistic
How does this honor Aaron? Aaron wouldn't have done something like this.

~~~
citruspi
Honestly, I'm not sure, and I definitely don't think it's something Aaron would
have done.

~~~
infinitebattery
Well, for one, Dropbox is claiming that it was not a hack at all.

See: [http://techcrunch.com/2014/01/10/dropbox-offline-hacker-grou...](http://techcrunch.com/2014/01/10/dropbox-offline-hacker-group-claims-credit/)

and also see Dropbox's blog post, explicitly stating that it "was caused
during routine internal maintenance, and was not caused by external factors"

[https://tech.dropbox.com/](https://tech.dropbox.com/)

~~~
citruspi
Yeah, I saw the article on TheNextWeb after posting my comment, but I figured
I'd leave it up. Either way, I'm happy to hear that Dropbox wasn't
compromised.

------
dbloom
For everyone linking to a certain Twitter account saying that Dropbox is
compromised:

The Twitter account is lying. This is almost always the case (especially when
there is some sort of Anonymous affiliation). Anyone can make a Pastebin of
fake emails.

(If Dropbox actually gets hacked, it's more likely to be by a state-sponsored
organization, and definitely not by someone who is going to brag about it on
Twitter)

------
dshibarshin
Probably just maintenance issues
[https://twitter.com/alicetruong/status/421834839721922560](https://twitter.com/alicetruong/status/421834839721922560)

------
polarix
...which isn't to say that decentralized services are _mandatory_ for the
continued health of humanity, but...

~~~
dclara
I'm totally with you. This is such a critical point, probably not attracting
enough people's attention yet.

In order to achieve real robustness with high availability, clustering is not
enough. Distributed computing architecture is the next hot topic we are going
to bring up.

Check out the blog page:

[http://bingobo.info/blog/bingobo/sql-or-nosql-and-search-eng...](http://bingobo.info/blog/bingobo/sql-or-nosql-and-search-engine-solutions.jsp)

------
rlu
Either hackers took it down and Dropbox is lying on their status page, or
Dropbox did routine maintenance and Anonymous is taking false credit.

Unfortunately, I find option #1 to be more likely.

~~~
cgrubb
I haven't seen any proof from the hackers. The emails in the Pastebin from
@1775Sec are old. They are in this pastebin from a month ago:
[http://pastebin.com/64PAAV1c](http://pastebin.com/64PAAV1c)

------
wanda
"@1775Sec You only DDoS attacked them! You didn't breach the database! Why say
otherwise!"

@YourAnonPriest don't ruin the suspense brother! lol it was a pretty massive
DDoS too! We used all of our bots on it!

[https://twitter.com/1775Sec/status/421848589480910848](https://twitter.com/1775Sec/status/421848589480910848)

------
pablosanchez
Dropbox Status Update: [https://tech.dropbox.com/2014/01/dropbox-status-update/](https://tech.dropbox.com/2014/01/dropbox-status-update/)

~~~
username223
> We are aware of an issue currently affecting the Dropbox site. We have
> identified the cause, which was the result of an issue that arose during
> routine internal maintenance, and are working to fix this as soon as
> possible. We apologize for any inconvenience.

Comments are now, of course, closed. Whew, that's reassuring!

~~~
moonka
Clearly they have seen the twitter account claiming responsibility as well.
It's been changed a little.

> We are aware that the Dropbox site is currently down. This was caused during
> routine internal maintenance, and was not caused by external factors. We are
> working to fix this as soon as possible. We apologize for the inconvenience.

~~~
username223
I almost feel sorry for the PR automata having to produce this BS on a Friday
night. Compared to Target's multi-billion-dollar gift to credit card thieves,
this is nothing.

------
tristessa
[http://thenextweb.com/insider/2014/01/11/dropbox-is-down-due...](http://thenextweb.com/insider/2014/01/11/dropbox-is-down-due-to-routine-maintenance-issue-not-security-breach/)

------
motyar
Use IP [http://108.160.166.62](http://108.160.166.62) Seems DNS problem.

Update: Dropbox app seems to be working well after adding this line to /etc/hosts

108.160.165.62 dropbox.com

~~~
dclara
Is this the latest website or cached somewhere? It looks different though. I don't
quite believe that DNS would be hacked.

I was thinking that they should quickly point the DNS to a different front end
server to avoid this type of unavailability. Guess they are doing their job.

~~~
motyar
I tried ping dropbox.com and got this IP

Not sure about other things.

For sure not a phishing, but seems SSL problem for IP.

------
aroch
If indeed the twitter spewings are correct and they've gained access to the
database, I suppose now is the time to see how Dropbox secures passwords and
user details.

------
kapkapkap
It's important to note this is not merely their website. All data between
dropbox folders/clients is not being synced.

~~~
chrislaco
Not only not being synced.. I'm also seeing some files being much older than
what they used to be.

------
Urgo
Just as a random update, I've been monitoring this thread & twitter etc since
the beginning and it appears that dropbox is sort of working now just on
extreme delay. I have auto upload on my phone and it took about 14 minutes for
the picture I took to get synchronized with my desktop (normally it's almost
instant).

------
gtklocker
They're stating they have a partial DB leak.
[https://twitter.com/1775Sec/status/421842856748126208](https://twitter.com/1775Sec/status/421842856748126208)

~~~
middleclick
Seems like just names and email addresses.

~~~
fyrabanks
Yeah, this is terribly easy to fake. Also, if you look closely, they repeat a
lot of the same e-mail addresses with different "real" names attached to them.
e.g., flyman@gmail.com and kidrock@msn.com (which appear right next to each
other...)

~~~
dclara
I noticed it too. But it does not quite make sense, because nobody likes to
sign up twice using different email addresses immediately, even if they don't
remember their password. This reminds me that the exposed data might be
fake too.

------
middleclick
I am sure the people who did this must be "very proud" of themselves but there
can be no justification for hacking something as innocuous as Dropbox.

~~~
sitkack
Right. We encrypt everything after we have the sha1 of it, dropbox.

------
legacy2013
This is stupid. Leaking the database will compromise users, which may hurt the
company a bit, but will hurt the common person more. It's a pointless hack that
won't accomplish much more than just reporting the bug would.

------
slipszenko
I've made this so you can be notified by SMS when the dropbox API is working
again:
[http://isdropboxback.slipszenko.net/](http://isdropboxback.slipszenko.net/)

------
fieryscribe
It's a compromise:
[https://twitter.com/1775Sec/status/421842856748126208](https://twitter.com/1775Sec/status/421842856748126208)

------
andydevo
I think I have proof that it was compromised, and it's not just maintenance.
Has this been confirmed?

I'm thinking of writing a blog about it?

------
tlrobinson
I love Dropbox, but a distributed solution like BT Sync or AeroFS is looking
more attractive.

------
zacinbusiness
It was only a matter of time. So many people use DB. Still, I'll keep
supporting them.

------
vanmount
It's just a DDoS Attack according to them

------
dmourati
Seems working now.

------
kategleason
:(

------
spydum
<tinfoil>Surely the NSA has nothing to do with this... </tinfoil>

~~~
jrochkind1
If the NSA had something to do with it, odds are we wouldn't know about it to
ask if the NSA had something to do with it.

~~~
code_duck
We've heard that several large Internet companies were angered that their
networks were tapped by the NSA for surveillance, and subsequently put a lot
of effort into securing them with encryption. While it seems unlikely, it's
conceivable that this has something to do with a response to surveillance,
such as problems encountered while implementing encryption.

------
dclara
It's unbelievable to realize that Yahoo or Google never experienced such an
accident. This is not the time for maintenance. Failover is the key,
production should have hardware load balancing to switch to, right? Actually
the front end should not be affected by the backend, unless the entire
website is compromised.

