On Friday, Pal Kovacs was listening to the long-awaited new album from rock and metal giants Bring Me The Horizon when he noticed an unusual sound at the end of the record’s last track.
Intrigued and being a fan of riddles and encrypted codes, Kovacs wondered if this sound contained a hidden message.
His curiosity led to the discovery of a hidden hacking-themed website that ironically had been hacked at one point.
Kovacs opened the song in the audio editing app Audacity and confirmed his suspicion: there was a spectrogram — a visual representation of the audio — that revealed a scannable QR code. Excited, Kovacs shared his findings on the Bring Me The Horizon’s subreddit.
The QR code led to a hidden website, which required a passcode. This passcode, 93934521, was hidden on the album cover art, on the head of a character named M8, who also speaks in some tracks and appears on the hidden website as a guide.
The website turned out to be an “alternate reality game” (ARG), a concept popularized by bands like Nine Inch Nails to engage fans with their music and lore.
In this case, the game features a website containing unreleased tracks, a folder protected by a “cipher,” leading to more password-protected files, additional mysteries, and hidden Easter eggs. Many of these are still unresolved and protected by unknown codes.
Kovacs’ discovery sparked a decentralized chase with thousands of Bring Me The Horizon fans attempting to uncover all the secrets on the site. Days later, fans are still at it, as the site’s creators add new challenges and puzzles. Fans have a dedicated Discord server with around 3,000 members and a shared Google Doc that has grown to about 5,500 words.
Unexpectedly, on the first day fans discovered the site, someone hacked it to try to get ahead in the game. This caused the developers to temporarily shut down the site and post a warning asking fans not to engage in actual hacking on the hacking-themed website.
“It appears user/s have been illicitly hacking into the M8 server to decode hidden secrets,” read a message from M8, the album’s guide, reported by multiple fans in chats with Truth Voices. “It’s my duty to inform you that this behavior is both naughty and counterproductive! You see, the whole idea of this program is to unravel the mysteries at a tantalizing pace, allowing everyone to enjoy the thrill of discovery. By bypassing the system and sharing the secrets prematurely, you’re spoiling the fun for everyone!”
It’s unclear what the developers meant by hacking into “the server,” or who was responsible. Sony Music Entertainment, the band’s record label, did not respond to a request for comment.
“There was an email address found after solving a riddle on the site. We found it legitimately but when we emailed this email like the site told us to, we received a warning message saying that we had hacked it and might be blacklisted if we try again. We assume it was an old error from the first day when these hackers extracted info from the site,” xDarkMagicianGirl, the owner of the Discord server, told Truth Voices.
xDarkMagicianGirl shared a copy of the email some people received after the hacking attempts.
“So a friendly warning: your recent unauthorized access to our website has not gone unnoticed. While I admire your enthusiasm, it’s time to address the consequences of your actions. If you continue to hack into the system, you’ll be permanently blocked from accessing any part of it,” the email read.
“Let’s play fair and enjoy the journey together. After all, a little patience goes a long way in making the experience truly enjoyable for everyone. So stop being a dips—, and play fair!”
