Why Wikipedia Just Deleted 695,000 Links Overnight
Wikipedia editors ban Archive.today after discovering DDoS attacks and content manipulation, removing nearly 700,000 links from the encyclopedia
695,000 links. That's how many connections to the internet's past Wikipedia editors decided to sever in a single decision. The world's largest online encyclopedia has banned Archive.today—a web archiving service that millions relied on to access content trapped behind paywalls.
The reason? Wikipedia discovered it was unknowingly turning its readers into foot soldiers in a cyberattack.
The Paywall Whisperer's Dark Side
Archive.today (which operates under multiple domains like archive.is and archive.ph) had become an essential tool for Wikipedia editors. When citing sources from subscription-only news sites, editors could link to archived versions that anyone could access for free.
This wasn't just convenient—it was crucial for Wikipedia's mission of free knowledge. How else could editors cite The Wall Street Journal or The Financial Times while ensuring readers could verify the information?
But since January 2024, something sinister was happening behind the scenes.
When CAPTCHA Becomes a Weapon
Blogger Jani Patokallio noticed unusual traffic patterns hitting his personal website. His investigation revealed a shocking discovery: visitors to Archive.today's CAPTCHA page were unknowingly executing JavaScript code that sent search requests to his blog.
Essentially, hundreds of thousands of Wikipedia readers had become unwitting participants in a distributed denial-of-service (DDoS) attack. Every time someone accessed an archived page, they were automatically pinging Patokallio's server—driving up his hosting costs and potentially overwhelming his site.
The attack wasn't random. Patokallio had previously published a 2023 blog post investigating Archive.today's mysterious ownership, concluding it was likely "a one-person labor of love, operated by a Russian of considerable talent and access to Europe."
The Unhinged Response
When Archive.today's operator contacted Patokallio requesting he remove the investigative post, the situation escalated quickly. The operator claimed mainstream journalists were cherry-picking quotes to create "shitty" narratives for wider audiences.
After Patokallio declined, the operator responded with what Patokallio described as "an increasingly unhinged series of threats." More troubling still, Wikipedia editors discovered that archived pages had been altered to insert Patokallio's name—raising serious questions about the service's reliability as a historical record.
The Bigger Picture: Who Controls Digital Memory?
This isn't just about one bad actor. It highlights a fundamental vulnerability in how we preserve digital information. Archive.today was previously blacklisted by Wikipedia in 2013, only to be reinstated in 2016. The fact that it took eleven years and a targeted harassment campaign to trigger another ban raises uncomfortable questions.
The operator's own blog post revealed their perspective: Archive.today's value to Wikipedia wasn't "about paywalls" but rather "the ability to offload copyright issues." When original sources disappear or get modified, archives become the only proof that certain information ever existed.
But what happens when the archive itself becomes unreliable?
The Replacement Challenge
Wikipedia editors are now scrambling to replace Archive.today links with alternatives like the Wayback Machine. But this massive undertaking exposes another problem: not all archives are created equal.
Some news sites actively block archiving services. Others have inconsistent coverage. The Wayback Machine, while more trustworthy, doesn't always capture paywalled content effectively. This creates gaps in the historical record that bad actors could exploit.
For cybersecurity professionals, this incident demonstrates how trusted intermediaries can become attack vectors. For internet governance advocates, it shows how a single service can hold enormous influence over information access.
The operator's parting shot was telling: "Why didn't you write about such events earlier, folks of the tabloids?" Perhaps because we've been too comfortable assuming our digital infrastructure was neutral. This wake-up call suggests otherwise.
Authors
Related Articles
A critical vulnerability in Starlette—downloaded 325 million times per week—puts millions of AI agent servers at risk, exposing stored credentials for email, databases, and third-party services.
GitHub confirmed hackers stole data from 3,800 internal repositories via a poisoned VS Code extension. Here's why developer tools are now the most dangerous attack surface in tech.
A Utah woman was sentenced to life in prison partly because of her Google searches and deleted texts. The Kouri Richins case reveals how digital footprints have become the courtroom's most reliable witness.
Dirty Frag gives low-privilege users root access on virtually every Linux distro. The exploit code leaked three days ago. Microsoft says attackers are already experimenting with it.
A critical vulnerability in Starlette—downloaded 325 million times per week—puts millions of AI agent servers at risk, exposing stored credentials for email, databases, and third-party services.
GitHub confirmed hackers stole data from 3,800 internal repositories via a poisoned VS Code extension. Here's why developer tools are now the most dangerous attack surface in tech.
A Utah woman was sentenced to life in prison partly because of her Google searches and deleted texts. The Kouri Richins case reveals how digital footprints have become the courtroom's most reliable witness.
Dirty Frag gives low-privilege users root access on virtually every Linux distro. The exploit code leaked three days ago. Microsoft says attackers are already experimenting with it.
Thoughts
Share your thoughts on this article
Sign in to join the conversation