Wikipedia Implements Ban on Archive.today Following DDoS Attack Campaign
The English-language edition of Wikipedia has officially banned the archiving service Archive.today, also known as archive.is, after investigations revealed the site was involved in directing a Distributed Denial of Service (DDoS) attack against a personal blog. This significant move comes as Wikipedia editors uncovered that Archive.today had been running a sustained DDoS campaign targeting the blog of engineer Jani Patokallio for more than a month.
Discovery of Malicious Activity and Altered Snapshots
Wikipedia editors reportedly discovered that Archive.today not only launched attacks but also altered its archived webpage snapshots to insert the name of the targeted blogger. According to reports, since January 11, 2026, Archive.today has included a piece of JavaScript code that covertly uses visitors' browsers to open Patokallio's blog in the background. This action triggers massive DDoS attacks by flooding the site with errant traffic, which can exhaust server resources and knock websites offline entirely.
Archive.today is an archiving service similar to the Internet Archive, known for its advanced scraping methods and generally considered more reliable for preserving web content. The site is widely cited online, including across Wikipedia articles, making this ban a notable development in digital archiving and cybersecurity.
Wikipedia's Official Statement and Community Consensus
An update from Wikipedia's discussion on Archive.today states: 'There is consensus to immediately deprecate archive.today, and, as soon as practicable, add it to the spam blacklist (or create an edit filter that blocks adding new links), and to forthwith remove all links to it.' The community reached a strong consensus that Wikipedia should not direct readers to a website that hijacks users' computers to run DDoS attacks, citing concerns over reader safety and service integrity.
Additionally, evidence presented showed that Archive.today's operators altered the content of archived pages, rendering the service unreliable for verifiability purposes. While some editors argued for maintaining links due to the site's utility, an analysis indicated that most uses could be replaced with alternative archiving services.
Background of the Dispute and Ongoing Risks
The DDoS attack is said to stem from a public dispute between Archive.today's operator and Jani Patokallio, revolving around a 2023 blog post where Patokallio researched what makes Archive.today function effectively. Wikipedia's statement highlights: 'In January 2026, the maintainers of Archive.today inserted malicious code in order to perform a distributed denial of service attack against a person they were in dispute with.'
As of February 19, 2026, the malicious JavaScript code remains active on Archive.today. Wikipedia strongly recommends that users avoid visiting the archive without blocking network requests to gyrovague.com to prevent inadvertently participating in the attack. This incident raises significant concerns about the long-term stability and integrity of archiving services and their potential misuse for cyber attacks.
Implications for Digital Archiving and Cybersecurity
This ban underscores broader issues in the digital archiving landscape, where services like Archive.today play a crucial role in preserving web content but must balance reliability with ethical practices. The case highlights how archiving tools can be weaponized for cyber attacks, posing risks to both targeted individuals and unsuspecting users.
Wikipedia's decision to remove all links to Archive.today reflects a proactive stance on cybersecurity, prioritizing user safety over archival convenience. It also prompts discussions on the need for stricter oversight and accountability in archiving services to prevent similar incidents in the future.
