Internet forum 4chan is back online after a hack from a rival website tanked its servers for nearly two weeks.
On 14 April, anime enthusiasts, conspiracy theorists and alt-right internet trolls were remiss to find their mutual gathering place 4chan.org had been taken offline by a significant cyberattack.
The hack, which was reportedly led by members of rival imageboard ‘soyjak.party’, saw 4chan’s servers accessed, its source code leaked, its staff systems infiltrated, and the data of its volunteer moderators reportedly exploited in a series of personalised doxxing attacks.
After nearly two weeks of intermittent downtime and widespread speculation that the platform wouldn’t be making a return, 4chan.org suddenly put its services back online.
“We have not been idle during our nearly two weeks of downtime,” said 4chan.
“The server that was breached has been replaced, with the operating system and code updated to the latest versions.”
In a blog post titled “still standing” 4chan explained that although the damage of the hack was frankly “catastrophic”, its development team managed to restore all but one of its boards.
“4chan is back,” it said.
“No other website can replace it, or this community.”
Poor funding, poor security
4chan detailed how a hacker penetrated the platform by exploiting an “out-of-date software package” to upload a malicious PDF file and effectively create an unauthorised “entry point”.
With the hacker purportedly using a UK-based IP address, they were able to gain access to 4chan’s “most important” server and ultimately tamper with a 4chan database and administrative dashboard.
“The hacker spent several hours exfiltrating database tables and much of 4chan’s source code,” wrote 4chan.
“When they had finished downloading what they wanted, they began to vandalise 4chan at which point moderators became aware and 4chan’s servers were halted, preventing further access.”
4chan added the attack was ultimately enabled by a lack of budget: its team failed to update “old operating systems and code in a timely fashion”, and it attributed this security failure to having “insufficient skilled man-hours available”.
“[4chan has been] starved of money for years by advertisers, payment providers, and service providers who had succumbed to external pressure campaigns,” wrote 4chan.
4chan users have been linked to such historic events as the 2020 US Capitol riot and New Zealand’s 2019 Christchurch mosque attacks, and although its demographic is partly built up of innocuous, niche hobbyists, the site has also housed various cybercriminals, conspiracy theorists and alt-right movements.
In 2018, 4chan moved a portion of the website to a new domain in order to dodge advertiser blacklists, while it conceded on Sunday that advertisers and payment providers willing to work with 4chan are still “rare”.
“Putting together the money for new equipment took nearly a decade,” said 4chan.
Soyjak causes permanent damage
The hack was allegedly conducted by members of Soyjak – an imageboard founded by previously exiled 4chan users who were kicked out for failing to comply with 4chan’s standards.
Much of their attack involved exposing and doxxing 4chan’s network of voluntary moderators and “janitors”, which 4chan reportedly conceded had their usernames, password hashes, email addresses and IP address exposed.
While 4chan stressed it is “not giving up” following the near-fatal attack, its developers were unable to fully restore all of the website’s services.
PDF uploads, for example, have been temporarily disabled on any boards that supported them, while one of the site’s “much beloved boards”, ‘Flash’, has been permanently removed on account of supporting flash animations via vulnerable .swf files.
Soyjak has meanwhile spent the last two days lamenting 4chan’s return in a thread riddled with derogatory slurs and in-fighting.
“After almost a week and a half, 4chan servers are back up and running,” wrote prominent Soyjak member Chud.
“Whether the 4chan's survival is beneficial for us is up in the air.
“Nevertheless, it is unquestionably among [our] greatest accomplishments, and its wounds will be visible on 4chan for many years to come.”
