Imgur, the massive photo sharing community best known for images of adorable animals and hilarious gifs has been exploited in a bizarre attack to send a Distributed Denial of Service (DDoS) Attack knocking 4Chan and 8Chan offline.
The DDoS attack was first spotted by someone on Reddit posting in the /r/4Chan subreddit, where a Reddit user created an image displaying how Imgur links were sending massive amounts of traffic to 4Chan and 8Chan. Explaining that whenever a user clicked on an Imgur link within the 4Chan subreddit, the link opened a hidden window users could not see and load hundreds of image requests to media stored on 4Chan and 8Chan servers. The amass of traffic slowed 4Chan and 8Chan to a crawl, even knocking them offline for several hours.
Speculation began arising that an Imgur employee may have deliberately injected the malicious code into the image host, but most comments on the thread suggest the attack was the result of an external breach. However, neither of the theories are true, according to Imgur.
In the Reddit post an Imgur employee commenting on the attack said while Imgur itself wasn’t hacked, the company did discover a vulnerability that the attacker was able to exploit to inject malicious code.
According to an official Imgur blog post published Tuesday, the vulnerability has been patched but the company advised users as a precaution to clear your browsing data, cookies and localstorage if you visited the site during the time in which it was affected.