Yup, this was pretty disappointing to us.<p>We were keeping it running as long as we felt comfortable to do so, but due to our lack of preparation for an actual attack, we decided to cut it when it was obvious that the majority was voting too perfectly on actions that were turning malicious.<p>At this point, we are not sure how we are going to be continuing with this project. The time investment required to make this secure is much larger than we initially anticipated and our current setup is not optimal to do so. Along with this, we are both currently students and do not have the time to invest in such an undertaking. However, we are currently talking with a group that is attempting to reboot this idea immediately in a more secure environment. We will be exploring our options on how to best keep this project going.<p>All of our code is available on github at <a href="https://github.com/twitchinstallsarchlinux" rel="nofollow">https://github.com/twitchinstallsarchlinux</a>
I was in the stream and while at least some of the feats accomplished (partitioning the disk, installing the right things, changing the password) seemed to have some authenticity to it, the chat started to try to install nmap, then it tried investigate networking capabilities, tried to ping 8.8.8.8, to start dhcpcd, then tried to ping 8.8.8.8 again...all in rapid succession before anyone really discussed it at all. It certainly seemed fishy.<p>It's kind of upsetting. It was very exciting in the beginning--the internet installing a bootable arch linux system by voting for a single character at a time in under 3 hours...seemed unimaginable. But after the dhcpcd stuff started, it felt like that victory was taken from us.<p>EDIT: it WAS a botnet, see the reply from pdaddyo
Latest news from irc:<p>JRWR: So, the creators of this project have left. they no longer want to be a part of this any more. they have their reasons and I will NOT be disclosing it. The creators have handed over the keys to JRWR and yamamushi<p>JRWR: This project WILL live on, give us 24/48 hours to make something nice, we have their code and will expand on it.<p>yamimushi: We are working to get everything back online asap<p>And yes the reasoning for shutdown was the botnet, not pings or Google complaints.
So, is there any way to stop this botnet? Seems to be that the only way to stop bots from abusing the twich IRC api is to ban each of them.<p>I have programmed twitch spam bots before (repeats what people say, once on each account with eight accounts), it's surprisingly easy to do. Twitch does have some sort of system to detect if you are abusing the API I think, because I noticed that I get timed out pretty quickly.
Don't restart this thing until you've had a professional harden your network. You are not gonna stop the botnet, so the best you can do is limit the impact of post-exploitation.