Is your website popular? Great you are a privileged target for crooks, just yesterday I reported the last malvertising campaign that hit Forbes and today I decide to present a different kind of attack that is equally dangerous and insidious.
Today we will speak about image boards web services that are very popular especially among youngsters, they are a sort of Internet forum that allows users to post images. Such kind of services is very popular targeting them it is possible to compromise large audience, now it has been reported that a serious vulnerability in the online image sharing community Imgur was exploited by hackers to hide malicious code in images, control visitors’ browsers, and take over the 4Chan and 8Chan image boards.
Imgur has already fixed the hole preventing the upload of malicious images, but anyway it confirmed that threat actors have used compromised pages in targeted attacks. According to Imgur, the attack is limited to these pages and not involved the site’s main gallery page.
“Yesterday a vulnerability was discovered that made it possible to inject malicious code into an image link on Imgur,” explained the Imgur community director Sarah Schaaf.
“From our team’s analysis, it appears the exploit was targeted specifically to users of 4chan and 8chan via images shared to a specific sub-reddit on Reddit.com using Imgur’s image hosting and sharing tools.”
“The vulnerability was patched yesterday evening and we’re no longer serving affected images, but as a precaution we recommend that you clear your browsing data, cookies, and local storage.”
Which is the attack scenario?
The images containing the malicious code were posted to 4Chan and a related Reddit subreddit page. It is not clear the intent of the attackers and according the information available the command and control servers weren’t used to send orders to the infected machines.
As reported in the official announcement made by Imgur, users are invited to clear browsing data, cookies, and localstorage.
(Security Affairs – Imgur, targeted attack)
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.