Why TikTok Activism Made Actual Hacktivism Harder

by Johnny Fusion =11811=

On September 1, 2021, due to the Supreme Court of the United States using their shadow docket, the most restrictive law against abortion went into effect in Texas.  The law turns over the enforcement of the six-week abortion ban, not to state actors, but to individual vigilantes with a cash bounty.

To facilitate this vigilantism, a website went online to collect tips for Texans to report any and all activities associated with pregnant people getting an abortion.  People were outraged, and rightfully so.  The website was hosted on GoDaddy, and the calls for them to not host the site were heard, as they were indeed violating GoDaddy's terms of service by harvesting information on people without consent.  The vigilante website was also inundated with Shrek porn and obviously false reports - and the amount of traffic caused the site to crash as if it was a distributed denial-of-service attack.

Much of this activity was cheered and bragged about on TikTok.  In fact, there were headlines about how TikTokers took down this website and one TikToker who bragged about the script he wrote to inject false data and help others do so, but from what I could see in an easy to filter method until his IP got banned.

So how did the Texas anti-choice organization react?

After they got booted from GoDaddy, they found hosting on Rob Monster's Epik registrar and hosting service which is also home to fascists, the far-right, neo-Nazi, and other extremist content.

So those who wish to deny constitutional rights to pregnant women who wish to avoid taking a government-mandated untested vaccine, and those that assist them, would be right at home there.  They are also now protected by Epik's low-rent Cloudflare clone, BitMitigate, so they can handle any flood of traffic that is likely to come their way.  And the final layer of security I have been able to find as of this writing is a WordPress plugin, Wordfence, which geofences the site to Texas, and known VPNs and proxy servers are blocked by the plugin as well.  Even with confirmation of IP addresses originating from Texas, Wordfence blocks requests on port 80 making insertion of believable but false data even harder now.

Before the viral shenanigans on TikTok, this website was a pretty "soft target" as far s hacking went.  But now they have raised all shields as it were and hardened their defenses.  Any scripts previously used, unless modified to change the signature from known attacks, have become useless.  At least one such script was removed from GitHub probably from the attention it was generating.  By showing their hand, the anti-choice vigilantes in Texas now know what these attacks look like, and where they are likely to come from.

I am sure participating in this TikTok activism felt good.  It probably felt like you were really sticking it to them and protecting pregnant people in Texas.  Unfortunately, this has led to them locking things down to the point where only "legitimate traffic" will get through - those that intend to do real harm to real people and collect a bounty for doing so.  It has decreased the likelihood of being able to send these assholes on wild goose chases to people and clinics that do not exist, wasting time, energy, and money pursuing digital phantoms and instead enabled them to chase after actual victims.  Strategically, it was a poor move and, in the long run, made actual hacktivism that much more difficult to pull off.

More difficult to pull off, but not impossible.  There will still be a way.  Eventually, they will relax things.  There is a possibility that the geofence is too tight and rejecting the traffic that they want.  If we can get hackers or activists in Texas to set up private proxies and VPNs not likely to be on the blocklist of Wordfence, then with some cleverness and luck, we may make a dent in their plans.  Being a WordPress plugin, their geofence is not protecting other ports, and I was able to connect to a few different services in my initial probing after they moved to Epik hosting and BitMitigate.

Because of the current state of things, it is not the time to fight head-on, but to lay down plans and strategy, get our tools ready, and prepare for the battle to come.  I would have rather they remained a soft target for a bit longer, but what is done is done.

The arc of history is long, but it curves towards justice.