Operators of MangaDex, a platform for Japanese manga fans, announced that the platform will stop working because an unauthorized access incident compromised their administrator passwords. After the cyberattack, hackers sent an email to users, warning that their information could also have been compromised.
A couple of weeks ago the company had started working with a group of specialists to fix an exploitable vulnerability in its code. Finally, MangaDex confirmed that threat actors accessed an administrator account by reusing a token discovered from a previously reported data breach incident.
“Mistakenly, we thought that threat actors would not be able to gain access after correcting the flaws. Still, as a precautionary measure we started implementing infrastructure monitoring to prevent any new security incidents,” MangaDex operators mention.
According to the initial reports, threat actors accessed a developer account that remained inactive for nearly a week. Once the intrusion was detected the operators shut down the platform and began analyzing the incident, although just a few minutes later users began receiving the email from the hackers, which contained only one text line: “There is a leak in the MangaDex database; I suggest you report this to the staff members.”
A couple of hours later, supposed threat actors created a GitHub repository where they published some snippets of MangaDex website’s source code; while the flaws that the hackers exploited were fixed soon after, the operators decided to completely disconnect the platform.
Platform operators also received a ransom note in which attackers threatened to disclose compromised information if they were not paid about $10,000 USD in cryptocurrency. On their decision, operators believe it is impossible to determine that their code is secure enough, so closing the website for an indeterminate time was the best option.
“Knowing the current circumstances, we face a difficult decision; if we had assumed that the website was safe from exploiting these failures, our operations may have continued, although we prefer not to risk a new incident,” conclude MangaDex operators. As mentioned above, this is an indeterminate time measure, although operators do not rule out returning shortly.
To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.
He is a cyber security and malware researcher. He studied Computer Science at Miami and started working as a cyber security analyst in 2008. He is actively working as an cyber security investigator. He also worked for security companies like Cisco. His everyday job includes researching about new cyber security incidents. Also he has deep level of knowledge in enterprise security implementation.