The Stack Archive

Imgur exploited to channel botnet attacks at 4chan

Tue 22 Sep 2015

Imgur meme sharing platform

GIF and meme photo-sharing platform Imgur has been compromised by attackers looking for an opportunity to direct large volumes of traffic at infamous web forum 4chan.

A Reddit thread explains that “when an Imgur image is loaded from /r/4chan […] imgur loads a bunch of images from 8chan, which causes a DDoS to those sites.” Meaning that if a user clicks an Imgur link on /r/4chan, it automatically makes around “500 requests” for one image from imageboard 4chan.org/8chan. This will cause request delays if several users open the same link at one time, and complete denial of service should a large number of individuals click the same file.

While some users argued that it was a distributed denial of service (DDoS) attack, others believe the attackers are serving malicious JavaScript through Imgur.

“This isn’t a DDOS. It’s targeting 8chan users and leaving javascript code in their local storage that causes their browsers ping back to a command and control server each time they hit an 8chan page. Thus far the C&C server hasn’t sent out any commands (or stopped issuing commands before this was discovered). Over the evening whoever authored this has been updating and changing their code. It only effects very specific imgur images/pages. Why is not yet known.”

Many theories are currently circulating on Reddit as to the possibilities behind the attack. Some comment that an Imgur processing exploit has allowed hackers to inject malicious code, while others argue that the image-sharing site’s servers have been compromised. It has also been proposed that an Imgur insider with access to the source code is manipulating it to inflict damage on 4chan – a grudge perhaps against new owner Hiroyuki Nishimura.

It is suggested that Imgur users should disable flash and JavaScript, and should treat the site as entirely compromised until it has announced a resolution to the problem.

Imgur tweeted this morning that it was “working on a solution” to the issue.


DDoS hacking news
Send us a correction about this article Send us a news tip