The Scoop
Three well-known sites that help users avoid paywalls mysteriously redirected users to Russian state-controlled international media outlet RT’s website for at least five days as of Tuesday, with one — archive.is — still sending users to RT as of Wednesday.
The redirects appear to be erratic but widespread, according to Semafor’s own experimentation with the sites and dozens of complaints posted to online forums including Reddit. In Semafor’s experience, refreshing the page occasionally fixed the problem, while several Redditors noted other workarounds such as altering the referral header.
In a statement to Semafor, RT (formerly Russia Today) said it had “no connection” to at least one of the sites affected. The outlet did not respond to follow-up questions regarding the other sites.
The most likely explanation is “either a prankster, or that Russian hackers have actually compromised these sites,” said Matt Pearl, who previously worked at the National Security Council, and is now the director of the Strategic Technologies Program at the Center for Strategic and International Studies.
The latter interpretation would be “consistent” with the tactics of Russian hackers who have long sought to claim vulnerable internet domains as trophies, Pearl said.
Know More
The Trump administration has publicly and privately signaled it no longer considers Moscow a major cyber threat to US national security following a dramatic rapprochement between the two countries in recent weeks. Still, an official US security assessment released March 18 described Russia as an “enduring potential threat.”
“Clearly, if the Russians think that there’s a chance that the US is withdrawing then they’re going to test the waters and see what they can get away with, what they can do, and try different things,” Pearl told Semafor. And paywall remover sites — which are illicit by nature — are an easy target for hackers to test their exploits on.
The State Department declined to respond to a request for comment.