Scroogle May Have Been a Victim of Hackers, Not Google

Was alleged LulzSec hacker Ryan Cleary responsible for the takedown of anonymized search engine Scroogle?

scroogle Scroogle May Have Been a Victim of Hackers, Not Google
The plot thickens! Yesterday we wrote about Scroogle, a nonprofit search engine that delivers Google results to a user without also collecting information for Google as the same time. Scroogle has been down for two days now, and an error page points a finger at the GOOG. “Google treats Scroogle like a bot because they see the traffic from our IP addresses as higher than normal,” the message says. “Searching Google with a bot is against Google’s terms of service, but Scroogle users are not bots. Is it ‘Terms of Service’ for Google, or is it ‘Terms of Monopoly’?”

Google says it did not target Scroogle specifically, but acknowledge Scroogle could have tripped a censor. “We do have automated systems to deter scraping or excessive queries to Google, and spikes in query traffic can cause issues for some sites,” a spokesman said in an email.

But now a tipster writes in with an image of a private forum post that appears to be written by Daniel Brandt, the militant privacy advocate who created the Scroogle engine as well as the sites Google Watch and Wikipedia Watch. There is no way to confirm the authenticity of the post, and Mr. Brandt has not responded to an email request for comment. Take what follows with a giant grain of salt.

But in the purported forum post, “Daniel Brandt” has a different theory than Scroogle presents in its error page. He identifies Ryan Cleary, the 19-year-old British hacker charged with cyber attacks attributed to the Hacker Collective LulzSec (although more specifically, he identifies Mr. Cleary’s girlfriend, for bringing over a computer).

Whether it was Mr. Cleary or friends of the same, this alternative theory proposes that the hacker orchestrated DDOS attacks, in which a flood of traffic overwhelms a site, against Scroogle and Wikipedia Watch out of personal malice for Mr. Brandt.

“It was clear by now that I was the target, and not just wikipedia-watch,” the post says. “The SYN_RECV that I captured in December showed that Scroogle IP addresses were targeted, and sometimes any other open port.”

The purported Mr. Brandt admits Google isn’t the real culprit—although if Google didn’t clamp down on IP addresses that were fetching search results, he wouldn’t have a problem.

“Scroogle has gone from 350,000 searches per day to about 200,000 per day,” the post says. “I blame Friends of Ryan Cleary. For the attempted searches that don’t go through, I show a screen blaming Google. After all, if Google hadn’t started this ‘mild’ form of throttling in March 2011, I could handle the load on two servers instead of six.”

Regardless of the cause, it sounds like the nonprofit that shares a name with a Cory Doctorow story is in trouble.

If you have any additional information on this, shoot us an email.