Dropbox is down
Jan 11, 2014 | 63 comments

Apparently the website has been compromised: https://twitter.com/1775Sec/status/421820685766250496

The hackers are also threatening a database leak: https://twitter.com/1775Sec/status/421822727331131392

EDIT: Dropbox's statement is that it's a maintenance issue: https://tech.dropbox.com/2014/01/dropbox-status-update/

EDIT2: There is a high probability that the Twitter account is faking the hack, due to the "proof" of the hack being taken from an old dump.

EDIT3: The account admits they did not hack Dropbox, just DDOSed it. https://twitter.com/1775Sec/status/421848589480910848

I'm thankful there are so many folks out there still doing this sort of thing for "fun" or pure mischievousness. Imagine how much worse it could be if they tried to be as stealthy as possible, got people downloading a hijacked Dropbox service, etc.

Edit: which isn't to say this sort of thing is awesome, but it's a damn sight better than the alternative. These sorts of pranksters are like cow pox, and hopefully they encourage resistance to the real deal.

so, so, true.

Every time a serious hack-and-reveal happens, I wonder how many times it's _already_ happened, by someone who kept it quiet for their own continued use.

I'm reminded of the gawker attack. So much information was revealed to the attackers unwittingly and they had no clue they were hacked, it could have been so much worse, bank accounts could have been drained, sites could have been used to host exploits or malware, etc.

They say they're doing it in honor of Aaron Swartz[0]. (It's the eve of his death).

[0]: https://twitter.com/1775Sec/status/421831664239509504

How does this honor Aaron? Aaron wouldn't have done something like this.

What a pathetic excuse. Dropbox is loved and used by many people who depend on it. Their behaviour is disgusting, nothing more than that.

It's a ridiculous claim... they want more publicity. Dropbox has done nothing to warrant this attack for 'activism'. Let's hope they don't leak sensitive information if Dropbox reaches out to them and fixes the issue - that would especially be something Aaron wouldn't do.

IMO it is just an excuse because people are asking why hack them and sending a lot of hate instead of praise.

Honestly, I'm not sure, and I definitely don't think it's something Aaron would have done.

Well, for one, Dropbox is claiming that it was not a hack at all.

See: http://techcrunch.com/2014/01/10/dropbox-offline-hacker-grou...

and also see Dropbox's blog post, explicitly stating that it "was caused during routine internal maintenance, and was not caused by external factors"


Yeah, I saw the article on TheNextWeb after posting my comment, but I figured I'd leave it up. Either way, I'm happy to hear that Dropbox wasn't compromised.

They also apparently took down the CA DMV site today.

Haha, seriously? Did you really have to use a "citation" for a twitter link in your 10 word comment?[0] Pretentious pseudo-scientific nonsense. Only on hacker news.

[0]: No.

For what it's worth, I write most things in Markdown and I use reference style links[0] by default. So, I tend to do that in comments on Hacker News, but I omit the brackets which would go around the link "value," (i.e. the inner value of the a tag in HTML). Plus, by listing the links under the comment, I find that it's neater and easier to read. And by simply including the links (even if it's just for "a twitter link" in my "10 word comment") it saves other people time because they don't need to search for it themselves.

[0]: http://daringfireball.net/projects/markdown/syntax#link

When a big site is down, Tweet this:

We have just compromised the @sitename Website [siteLinkHere] #hacked #compromised

"We are aware that the Dropbox site is currently down. This was caused during routine internal maintenance, and was not caused by external factors. We are working to fix this as soon as possible. We apologize for the inconvenience."

Pathetic people spreading false news. We should shame them publicly. Anyone putting up false news is as guilty as, as shameful as, as fucked up as, as stupid as anyone secretly sabotaging security on purpose. We have enough stupid political propaganda full of false statements in the news these days and we don't need more in our tech community on Twitter. What are they? 12 years old? Right, they say "don't feed the trolls."

> We should shame them publicly

Don't give them any more attention.

For everyone linking to a certain Twitter account saying that Dropbox is compromised:

The Twitter account is lying. This is almost always the case (especially when there is some sort of Anonymous affiliation). Anyone can make a Pastebin of fake emails.

(If Dropbox actually gets hacked, it's more likely to be by a state-sponsored organization, and definitely not by someone who is going to brag about it on Twitter)

...which isn't to say that decentralized services are mandatory for the continued health of humanity, but...

I'm totally with you. This is such a critical point, probably not attracting enough people's attention yet.

In order to achieve real robustness with high availability, clustering is not enough. Distributed computing architecture is the next hot topic we are going to bring up.

Check out the blog page:


Either hackers took it down and Dropbox is lying on their status page, or Dropbox did routine maintenance and Anonymous is taking false credit.

Unfortunately, I find option #1 to be more likely.

I haven't seen any proof from the hackers. The emails in the pastebin from @1775Sec are old. They are in this pastebin from a month ago: http://pastebin.com/64PAAV1c

I find it humorous how you are more likely to trust the word of some blackhat organization over that of an established company with a reputation that it needs to uphold. Lying would hurt it eventually. Also, the hackers admitted that they only DDOS'ed the website and made up the bit about the database leak. https://twitter.com/1775Sec/status/421852503848656898

>Dropbox is lying on their status page

They're saying it's an issue that "arose during routine maintenance", so that doesn't preclude the possibility they had inadvertently exposed a security vulnerability by doing that, leading to it then being exploited.

Probably. But due to how huge they are now, I don't blame them for trying to pass this off as a routine maint thing. Shit's either going to blow up or will be OK.

@1775Sec You only DDoS attacked them! You didn't breach the database! Why say otherwise!

@YourAnonPriest don't ruin the suspense brother! lol it was a pretty massive DDoS too! We used all of our bots on it!


> We are aware of an issue currently affecting the Dropbox site. We have identified the cause, which was the result of an issue that arose during routine internal maintenance, and are working to fix this as soon as possible. We apologize for any inconvenience.

Comments are now, of course, closed. Whew, that's reassuring!

Clearly they have seen the twitter account claiming responsibility as well. It's been changed a little.

>We are aware that the Dropbox site is currently down. This was caused during routine internal maintenance, and was not caused by external factors. We are working to fix this as soon as possible. We apologize for the inconvenience.

I almost feel sorry for the PR automata having to produce this BS on a Friday night. Compared to Target's multi-billion-dollar gift to credit card thieves, this is nothing.

Use the IP. Seems like a DNS problem.

Update: Dropbox app seems to be working well after adding this line to /etc/hosts: dropbox.com

Is this the latest website or cached somewhere? Looks different though. I don't quite believe that DNS would be hacked.

I was thinking that they should quickly point the DNS to a different front end server to avoid this type of unavailability. Guess they are doing their job.

I tried pinging dropbox.com and got this IP

Not sure about other things.

For sure not phishing, but seems like an SSL problem for the IP.

it is their IP, and it looks like their vaguely-newish home page redesign

[0]: http://dns.squish.net/traverses/df9a8b86bde047a12801bc04c96e...

If indeed the twitter spewings are correct and they've gained access to the database, I suppose now is the time to see how Dropbox secures passwords and user details.

It's important to note this is not merely their website. All data between Dropbox folders/clients is not being synced.

Not only not being synced.. I'm also seeing some files being much older than what they used to be.

Just as a random update, I've been monitoring this thread & Twitter etc. since the beginning and it appears that Dropbox is sort of working now, just on extreme delay. I have auto upload on my phone and it took about 14 minutes for the picture I took to get synchronized with my desktop (normally it's almost instant).

They're stating they have a partial DB leak. https://twitter.com/1775Sec/status/421842856748126208

I call fake.

See http://pastebin.com/64PAAV1c

Same data, one month old.

Nice find. Someone should tweet this out.

Seems like just names and email addresses.

Yeah, this is terribly easy to fake. Also, if you look closely, they repeat a lot of the same e-mail addresses with different "real" names attached to them. e.g., flyman@gmail.com and kidrock@msn.com (which appear right next to each other...)

I noticed it too. But it does not quite make sense, because nobody likes to sign up twice using a different email address immediately, even if they don't remember their password. This reminds me that the exposed data might be fake too.
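The two checks the thread applies to the claimed leak (the addresses already appear in a month-old paste; the same address shows up with several different "real" names) can be scripted for triage. This is an added example, not code from the thread; the dump rows are constructed, not real data.

```python
import re
from collections import defaultdict

# Constructed stand-in for a "leak" paste (name, email per line). Invented addresses.
CLAIMED_DUMP = """\
John Smith, flyuser@example.com
Jane Doe, flyuser@example.com
Bob Roe, rockfan@example.net
Alice Poe, rockfan@example.net
Carl Loe, newperson@example.org
"""

# Constructed stand-in for the older paste the thread compares against.
OLD_DUMP = """\
J. Smith, flyuser@example.com
B. Roe, rockfan@example.net
"""

EMAIL_RE = re.compile(r"[\w.+-]+@[\w-]+\.[\w.-]+")


def parse_dump(text):
    """Return (name, email) pairs; lines without an address are skipped."""
    rows = []
    for line in text.splitlines():
        m = EMAIL_RE.search(line)
        if not m:
            continue
        email = m.group(0).lower()
        name = line[: m.start()].strip(" ,;\t")
        rows.append((name, email))
    return rows


def emails_with_multiple_names(rows):
    """Addresses attached to more than one distinct name: a sign the rows were padded."""
    names = defaultdict(set)
    for name, email in rows:
        names[email].add(name)
    return {e: sorted(n) for e, n in names.items() if len(n) > 1}


def overlap_with_old_dump(new_rows, old_rows):
    """Fraction of the claimed dump's unique addresses already present in an older paste."""
    new_emails = {e for _, e in new_rows}
    old_emails = {e for _, e in old_rows}
    if not new_emails:
        return 0.0
    return len(new_emails & old_emails) / len(new_emails)
```

A high overlap with a paste that predates the claimed breach, combined with recycled addresses under different names, is what the commenters above treat as evidence the "leak" is fabricated.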

I am sure the people who did this must be "very proud" of themselves but there can be no justification for hacking something as innocuous as Dropbox.

Right. We encrypt everything after we have the sha1 of it, dropbox.

This is stupid. Leaking the database will compromise users, which may hurt the company a bit, but will hurt the common person more. It's a pointless hack that won't accomplish much more than just reporting the bug would.

I've made this so you can be notified by SMS when the dropbox API is working again: http://isdropboxback.slipszenko.net/

I think I have proof that it was compromised, and it's not just maintenance. Has this been confirmed?

I'm thinking of writing a blog about it?

I love Dropbox, but a distributed solution like BT Sync or AeroFS is looking more attractive.

It was only a matter of time. So many people use DB. Still, I'll keep supporting them.

It's just a DDoS attack according to them.

Seems working now.


<tinfoil>Surely the NSA has nothing to do with this... </tinfoil>

If the NSA had something to do with it, odds are we wouldn't know about it to ask if the NSA had something to do with it.

We've heard that several large Internet companies were angered that their networks were tapped by the NSA for surveillance, and subsequently put a lot of effort into securing them with encryption. While it seems unlikely, it's conceivable that this has something to do with a response to surveillance, such as problems encountered while implementing encryption.

It's unbelievable to realize that Yahoo or Google never experienced such an accident. This is not the time for maintenance. Failover is the key; production should have hardware load balancing to switch to, right? Actually the front end should not be affected by the backend, unless the entire website is compromised.

