Future Tense

Hacker Group UGNazi Claims Responsibility For Twitter Outage. Is It Lying?

Screenshot.

UPDATE: Twitter has issued a more detailed rundown of what happened today, explicitly rejecting claims that the site was hacked. From its blog post:

This wasn’t due to a hack or our new office or Euro 2012 or GIF avatars, as some have speculated today. A “cascading bug” is a bug with an effect that isn’t confined to a particular software element, but rather its effect “cascades” into other elements as well. One of the characteristics of such a bug is that it can have a significant impact on all users, worldwide, which was the case today. As soon as we discovered it, we took corrective actions, which included rolling back to a previous stable version of Twitter.

No response yet from UGNazi, the hacker group that had apparently claimed responsibility for bringing down the site with a DDoS attack. Did the group lie deliberately? Did it mistakenly think it had been resonsibile for the outage? Did a rival hacker group set it up for embarrassment?

Regardless, it probably will not come as a shock to anyone that you can’t always take a shadowy hacker group’s claims at face value.

Thursday, June 21, 5:41 p.m.: A hacker group called UGNazi claims it brought down Twitter today with a distributed denial of service (DDoS) attack. “We Just #TangoDown’d twitter.com for 40 minutes worldwide!” the group announced via—what else?—Twitter. Cc’d on the tweet were various accounts affiliated with the loose hacker collective Anonymous.

The claim sounds plausible on its face. UGNazi has claimed responsibility for a series of successful DDoS attacks on major sites in the past, including CIA.com, cloudflare, and BP.com, notes Amy Willis in The Telegraph. Willis quotes UGNazi member Cosmo as explaining, “The attack was mainly for the ‘lulz’, it goes to show what we are capable of.”

But Twitter insists otherwise. A tweet from its communications team following the outage chalked it up to a “cascaded bug in one of our infrastructure components.” “What’s a cascaded bug?”, millions of confused tweeters surely asked. An hour later came this tweet: “A cascaded bug has an effect that isn’t confined to a particular software element; its effect “cascades” into other elements as well.” (Can you explain it better than this? Please do in the comments.)

I asked Twitter if they could confirm the outage was not in fact the product of a DDoS attack, and a spokesman replied, laconically, “That’s right. Cascaded bug.”

There you have it—for now, at least. Twitter promises more information soon.

For what it’s worth, the monitoring site Pingdom indicates Twitter was actually down for a little over an hour starting at around noon eastern, then suffered a series of minor outages over the ensuing few hours.