While those who claimed the attack didn't share how they gained access to 4chan's systems, some said the forum was likely breached because it used a severely outdated PHP version from 2016, unpatched against many security vulnerabilities that could've been exploited in the attack. Today, April 14, 2025, a hacker, who has been in 4cuck's system for over a year, executed the true operation soyclipse, reopening /qa/, exposing personal information of various 4cuck staff, and leaking code from the site," one of them (using the handle Chud) said in a thread posted after 4chan was taken down. These tools could provide access to any user's location and IP address, rebuild or restart any 4chan boards, access board logs, view site statistics, and manage databases using 4chan's phpMyAdmin panel. In the same thread, Chud shared multiple screenshots to prove that hacker had access to 4chan's staff administration panels and maintenance tools. 4chan, an infamous online forum, was taken offline earlier today after what appears to be a significant hack and has since been loading intermittently. Before publishing, 4chan was either loading in text-only mode or showing Cloudflare connection timeout errors, hinting that the forum's staff was still working on bringing it back online. Over the years, the forum has been used to leak files allegedly stolen from various high-profile companies, including Microsoft, Intel, Valve, Twitch, and, most recently, Disney. 4chan has been online for over two decades, since 2003, when it was launched by Christopher Poole, known online as moot. Later in the day, someone else also leaked 4chan's PHP source code on the anonymous forum Kiwi Farms (previously known as CWCki Forums).
This Cyber News was published on www.bleepingcomputer.com. Publication date: Tue, 15 Apr 2025 18:15:13 +0000