Imgur exploited to channel botnet attacks at 4chan
Tue 22 Sep 2015
GIF and meme photo-sharing platform Imgur has been compromised by attackers looking for an opportunity to direct large volumes of traffic at infamous web forum 4chan.
A Reddit thread explains that “when an Imgur image is loaded from /r/4chan […] imgur loads a bunch of images from 8chan, which causes a DDoS to those sites.” Meaning that if a user clicks an Imgur link on /r/4chan, it automatically makes around “500 requests” for one image from imageboard 4chan.org/8chan. This will cause request delays if several users open the same link at one time, and complete denial of service should a large number of individuals click the same file.
Many theories are currently circulating on Reddit as to the possibilities behind the attack. Some comment that an Imgur processing exploit has allowed hackers to inject malicious code, while others argue that the image-sharing site’s servers have been compromised. It has also been proposed that an Imgur insider with access to the source code is manipulating it to inflict damage on 4chan – a grudge perhaps against new owner Hiroyuki Nishimura.
Imgur tweeted this morning that it was “working on a solution” to the issue.