On Friday, Pal Kovacs listened to the long awaited new album of rock and metal giants Bring me The Horizon when he realized a strange sound at the end of the last track on the album.
Being a fan of solving puzzles and cracking ciphers, Kovacs I asked myself: does this sound contain a hidden message?
His hunch led him to the discovery of a hidden hacking-themed website that was hacked at some point.
Kovacs opened the song in the audio editing app Audacity and, as he suspected, there was indeed a spectrogram (essentially a visual representation of the audio itself) that was actually a scannable QR code. Excited, Kovacs shared his findings about him Bring me The Horizon subreddit.
The QR code led to the hidden website, which is protected by a password that turned out to be a number (93934521) written on the album cover, in the head of one of the characters, named M8. This M8 character speaks in some of the tracks and also appears on the hidden site as a guide of sorts.
The website is essentially an “alternate reality game” or ARG, in which bands like nine inch nails have done before as a way to get fans more involved with the band’s music and tradition.
In this particular case, the game consists of a website where, among other things, the band uploaded some unreleased tracks, a folder protected by an “encryption,” which led to more password-protected files, more mysteries, and more Easter eggs. hidden. some of which are still unsolved and blocked by unknown codes.
Kovacs’ discovery started a wild decentralized chase in which thousands of Bring me The Horizon Fans tried to discover all the secrets hidden within the site. Days after, the fans are still at it, as the site’s creators add new challenges and puzzles to solve. The fans have a dedicated Discord server with around 3,000 people inside and a shared Google Doc that at the time of writing is around 5,500 words.
Perhaps unsurprisingly, on the first day fans found the site, someone hacked it in an attempt to advance the game. This led the developers to temporarily shut down the site and replace it with a warning, asking fans not to do so. current hacking on hacking themed website.
“It appears that users have been illicitly hacking the M8 server to decode hidden secrets,” reads the message from M8, the album’s guide, which several fans reported seeing in chats with TechCrunch. “It is my duty to inform you that this behavior is mischievous and counterproductive! You see, the idea of this show is to unravel mysteries at a tantalizing pace, allowing everyone to enjoy the thrill of discovery. By bypassing the system and sharing secrets prematurely, you’re ruining the fun for everyone!
It’s unclear what exactly the developers meant by hacking “the server,” nor who was responsible. Sony Music Entertainment, the band’s record label, did not respond to a request for comment.
“An email address was found after solving a puzzle on the site, we found it legitimately, but when we sent this email as the site told us to, we received a warning message saying that we had hacked it and that we could include it in the blacklist if we try. Again, we assume it was an old bug from day one when these hackers extracted information from the site,” he told TechCrunch xDarkMagicianGirl, the owner of the Discord server.
xDarkMagician shared a copy of the email some people received after the hacking attempts.
“So a friendly warning: your recent unauthorized access to our website has not gone unnoticed. While I admire your enthusiasm, it is time to address the consequences of your actions. If you continue to hack the system, you will be permanently blocked from accessing anywhere,” the email said.
“Let’s play fair and enjoy the journey together. After all, a little patience goes a long way to making the experience truly enjoyable for everyone. So stop being a fool and play fair!