Explore the latest news and trends  

Sign up for our weekly security newsletter


Be the first to receive important updates on security





Send

Hackers Begin DDOS Assaults on 4chan by Using Imgur


Softpedia.com reported on 22nd September, 2015 stating that a Reddit user has discovered a covert method of launching DDOS attacks on the infrastructure of 4chan by using images hosted Imgur via Reddit.

A Reddit user rt4nyp, who discovered the vulnerability, says that whenever an Imgur picture was loaded on the /r/4chan sub-reddit, more than 500 other pictures were also loaded at the background, pictures hosted on CDN (content delivery network) of 4chan.

Some more connections from Reddit pushed 4chan's servers over the edge because of ever heavy traffic on 4chan resulting crashing them many times during the day. Moreover, 8chan which is a smaller 4chan spin-off was also influenced and experienced some downtime as well.

Reditt user rtny was warned that something was wrong when he found that Imgur images on reddit were loaded as inclined base64 data.

Motherboard.vice.com published news on 22nd September, 2015 quoting an analysis of the attack by ItsMeCaptainMurphy, a Reddit user, as "when observed, the images then loaded a malicious Flash file-hosted on 8chan-which was not seen to the user. That flash file then ran more JavaScript code which altered the browser of the user so that whenever the user visited 8chan, it would beep a command and control server controlled by the attacker."

ItsMeCaptainMurphy told motherboard.vice.com in an online chat that the server did not issue any commands but possibly, the attacker or attackers "could have gained full control over anything done or seen by infected users on 8chan" and for example, it will allow attackers to steal login credentials.

Motherboard.vice.com published news quoting Jesus Higueras, a game developer who reported the attack to Imgur, as saying "Actually, someone has exploited a vulnerability in Imgur to inject code into your browser and then injected more code by exploiting a vulnerability in 8chan."

Motherboard.vice.com published news on 22nd September, 2015 quoting Darren Martyn, a Security Researcher, as saying "It is not clear why the attack was so complicated or what the attacker had expected to achieve but some conceive that the objective could have only been a denial of service attack because Flash file was also programmed to cause more load on servers of 8chan."

» SPAMfighter News - 9/29/2015

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page
Next