A few dozen QAnon and 8chan-related sites were knocked offline temporarily yesterday when a DDoS-protection vendor disabled their access, according to an article by security reporter Brian Krebs.
The websites—with names like 8kun.net, 8kun.top, 8chan.se, and qanonbin.com—are connected to the Internet via the US-based ISP VanwaTech, which in turn “had a single point of failure on its end,” Krebs wrote. “The swath of Internet addresses serving the various 8kun/QAnon sites were being protected from otherwise crippling and incessant distributed-denial-of-service (DDoS) attacks by Hillsboro, Ore. based CNServers LLC.”
That changed yesterday when security researcher Ron Guilmette called CNServers, which apparently didn’t realize it was providing security protection to the websites. “Within minutes of that call, CNServers told its customer—Spartan Host Ltd., which is registered in Belfast, Northern Ireland—that it would no longer be providing DDoS protection for the set of 254 Internet addresses that Spartan Host was routing on behalf of VanwaTech,” Krebs wrote. Those 254 addresses included the few dozen related to QAnon and 8chan, which is now known as 8kun.
The websites didn’t remain offline for long because Spartan Host quickly “changed its settings so that VanwaTech’s Internet addresses were protected from attacks by ddos-guard[.]net, a company based in St. Petersburg, Russia,” Krebs wrote.
Cloudflare dumped “cesspool of hate” 8chan in 2019
Though yesterday’s outage didn’t last long, it illustrates the difficulty QAnon and 8chan-related sites have had remaining online. Facebook this month announced a ban on pages and groups related to the QAnon conspiracy-theorist group, saying that QAnon pages “celebrate[d] and support[ed] violence” and contributed to other “forms of real-world harm including recent claims that the west coast wildfires were started by certain groups, which diverted attention of local officials from fighting the fires and protecting the public.”
The baseless QAnon conspiracy theory claims that Democratic politicians, Hollywood actors, and others are part of a Satan-worshipping, child sex-trafficking ring that is plotting against President Trump.
8chan/8kun “has been linked to white supremacism, neo-Nazism, antisemitism, multiple mass shootings, and is known for hosting child pornography,” Krebs noted. The primary 8chan website was knocked offline in August 2019 when Cloudflare cut off its access to CDN and DDoS-protection services. That occurred shortly after a suspected terrorist gunman posted a screed to 8chan just before killing 23 people at an El Paso Walmart store. Cloudflare CEO Matthew Prince said that “8chan has repeatedly proven itself to be a cesspool of hate,” with ties to multiple shootings in addition to the El Paso one.
Three months later, 8chan reappeared at 8kun.net but struggled to stay online because of DDoS attacks. The site now contains little more than a link to 8kun.top, the current location of what used to be called 8chan.
Host won’t boot websites, says it follows the law
VanwaTech CEO Nick Lim in November 2019 defended his company’s role in keeping 8kun websites online, writing on Twitter, “I do what I do because I truly believe in free speech and I believe in protecting people from cyber security attacks.”
Spartan Host founder Ryan McCully told Krebs yesterday that he intends to keep VanwaTech as a customer. “We follow the ‘law of the land’ when deciding what we allow to be hosted with us, with some exceptions to things that may cause resource issues etc.,” McCully told Krebs. “Just because we host something, it doesn’t say anything about [what] we do and don’t support; our opinions don’t come into hosted content decisions.”