MangaDex manga site temporarily shut down after cyberattack

silversurfer

Level 72
Verified
Trusted
Content Creator
Malware Hunter
Aug 17, 2014
6,139
Manga scanlation giant MangaDex has been temporarily shut down after suffering a cyberattack and having its source code stolen.

MangaDex is one of the largest manga scanlation (scanned translations) sites where visitors can read manga comics online for free. According to SimilarWeb, MangaDex is the 179th most frequently visited site on the web, with over 76 million visitors per month.

After suffering a series of outages since March 17th, MangaDex revealed yesterday that a threat actor had gained access to an admin and developer account, as well as the source code to the site.

According to an announcement now showing on Mangadex.org, a threat actor gained access to the site after stealing an admin user's session token through a website vulnerability.

"Three days ago (2021-03-17), we correctly identified and reported that a malicious actor had managed to gain access to an admin account through the reuse of a session token found in an old database leak through faulty configuration of session management."
"Following that event, we moved to identify the vulnerable section of code and worked to patch it up, also clearing session data globally to thwart further attempts at exploitation through the same method," MangaDex disclosed on their website.
 
Top