From PC Mag: Nearly two weeks after a major outage, 4chan is back online — but the site now admits it suffered a "catastrophic" hack that exposed critical data, including its source code.
In addition, the whole incident could have been avoided if 4chan’s development team had routinely installed security patches. The messaging board says an attacker “exploited an out-of-date software package on one of 4chan’s servers, via a bogus PDF upload.”
“With this entry point, they were eventually able to gain access to one of 4chan’s servers, including database access and access to our own administrative dashboard,” 4chan wrote in a blog post. “The hacker spent several hours exfiltrating database tables and much of 4chan’s source code.”
The breach happened on April 14, culminating in the hacker vandalizing 4chan’s site. “While not all of our servers were breached, the most important one was, and it was due to simply not updating old operating systems and code in a timely fashion,” 4chan’s blog post adds.
View: Full Article
