Last time Anonymous plunged into MIT's servers, it was to set up a small memorial for Aaron Swartz. Today the whole homepage is defaced, and it's really just incoherent.
Where to begin? The defacement says LulzSec and Sabu are behind the attack, which is of course impossible.
Then it says "DOWN WITH ANONYMOUS" and "GOD BLESS AMERICA," which are two statements antithetical to whatever it is Anonymous is about. In the background is a nearly-illegible copy of a rant by Swartz, touching on topics like war and animal rights. And then, to cap it all off, one last declaration: "fuck reddit."
If this is supposed to mean something, the hackers will have to try again. For now, MIT.edu is down.
Update: MIT.edu has returned to normal. We've reached out to the university for comment—they're surely not happy to have this happening when high school kids are making college admissions decisions.
Update 2: An individual claiming to be behind the attack hit us up with an explanation:
Hack went down like this:
1. Own the MIT NOC guy with a browser exploit
2. Get their educause logins, which were: [Redacted]
3. Create cloudflare account, set the dns records. (Deface was hosted on a
multitude of servers one of them provided by harvard. (All of which are
now down, DDoS? I don't know.))
4. Change their mail settings in cloudflare page.
5. At 12:00 EST we logged into the domain control panel and changed the
DNS records and the password.After that mit staff tried uselessly resetting the password but the email
ended up on our servers. Eventually educause (the people that manage .edu
domains) just locked the domain and took it all down.Now the interesting part here is that cloudflare staff changed our domain
name records in the middle of it all going down (They've previously stated
that they wouldn't touch user data without a court order)
Update 3: Cloudflare wrote in to deny that last parenthetical regarding court orders. "CloudFlare has never said this," a spokesperson says.
Images via Michael Moyer & Geoff Brumfiel