Founder of 4Chan, Christopher Poole, a.k.a moot, recently confirmed in a blog post that 4Chan was hacked.
The 4Chan attacker gained access to the administrative panel while hacking into one of 4Chans databases, by exploiting a vulnerable software inside the website. The attacker stated their motive was to “expose the posting habits of a specific user they disliked”, moot wrote.
The vulnerable software was believed to allow the hacker to gain access to imageboard moderation panels, reports queue, and some tables in the 4Chan backend database. Moot noted he has a detailed log of what information was accessed, and how it was accessed. He notes the attacker primarily targeted “moderator account names and credentials” found in the 4Chan database. Poole’s official post reads,
After careful review, we believe the intrusion was limited to imageboard moderation panels, our reports queue, and some tables in our backend database. Due to the way the intruder extracted information from the database, we have detailed logs of what was accessed. The logs indicate that primarily moderator account names and credentials were targeted.
The attackers were also able to gain access to three paid 4Chan password accounts. Paid accounts allow the anonymous posters to skip captcha verification. Poole noted affected users have had their pass accounts reset and have been offered lifetime tokens for the inconvenience.
To ensure security, Poole has stated that no payment information has been comprised in the breach. He notes all payments are processed securely through the third party payment processor, Stripe. Lastly he notes that himself and the others will continue to review the site for vulnerabilities, and make sure nothing similar will happen in the future.
4Chan is one, if not the most popular image-bulletin board on the net. It allows for users to communicate anonymously without any registration or form of verification (other than a captcha) to post. The large community is seeming to grow and become more and more popular by day. Some note the growth to be due to Reddit moderators censoring certain keywords that may spark controversy. Others note it’s continuous growth is just from the internet.
This is not the first time 4Chan has been hacked, back in 2012, UGNazi hijacked the DNS and redirected the domain to their official @UG twitter account for a short period of time.