Imgur vulnerability exploited in attack on 4chan




Images Share Service Imgur faced a vulnerability that could allow malicious code could be added to image links. The exploit led to a DDoS attack on 4chan and 8chan, and also left behind malware on the PCs of users of these sites.

Imgur confirms the leak and says measures have to patch it. “After analysis by our team, it seems that the exploit was specifically aimed at users of 4chan and 8chan, with images from a specific sub-reddit were shared with Imgurs hosting and sharing tools,” reads the site.

According Imgur it was possible with the vulnerability to inject malicious code in an image-link. These included javascript and as the CEO of Imgur, Alan Schaaf, it is now no longer possible to javascript code from serve.

The code had as Reddit users means that if an Imgur image from r / 4chan was loaded, there were open in the background hundreds of links to images from 4chan and 8chan. Besides these DDoS attack users were notified of a user more harmful attack, which took place in the background. The javascript code would secretly open an iframe with an Adobe Flash file, which further JavaScript code to the victim of the system and put a link to a Web service would allow.

The latter has not yet been confirmed, and it is unclear what would be the goal of this attack. Imgur recommends deleting users to browse data, cookies, and local storage.


In: Technology & Gadgets Asked By: [15446 Red Star Level]

Answer this Question

You must be Logged In to post an Answer.

Not a member yet? Sign Up Now »