Saturday, June 9, 2018
Home / Security / Breaches / UGNazis Hack 4chan, CloudFlare and Mybb

UGNazis Hack 4chan, CloudFlare and Mybb

UGNazis, a hacktivist group recently have gotten access to a CloudFlare employees Gmail.  A statement from Cloudflare below:

“The attack was the result a compromise of Google’s account security procedures that allowed the hacker to eventually access to my CloudFlare.com email addresses, which runs on Google Apps,”

Matthew Prince , the co-founder and CEO of the company said in the statement.

“The password used on my personal Gmail account was 20+ characters long, highly random, and not used by me on any other services so it’s unlikely it was dictionary attacked or guessed,”

he added. Surprisingly, all CloudFlare’s accounts use two-factor authentication on Google. ” We are still working with Google to understand how the hacker was able to reset the password without providing a valid two-factor authentication token.” Until now, it is still unknown how they managed to get access to the accounts.

Video of the hacking of 4Chan:

After this occured, the UGNazis put out a statement on pastebin:

4chan.org is the playground that allows pedophiles to share their “collections” and the disgusting bronies to hang out. The site is loosely monitored and child porn threads are allowed to “stay alive” for an exceedingly long amount of time.

Lastly, there was no political motive here, we will not tell lies and pretend that it was all to fight an injustice. This was for the lulz. This was for the fame. This was done because only we have the skill to do it. This was done, so that we can laugh at your butthurt. We did it because we can.

On May 31st Mybb admits to being breached in the statement below:

Dear MyBB users,

Last night our domain name and hosting accounts were compromised by hackers.

Users of MyBB should not be concerned about their own installations. There is nothing to indicate the MyBB software itself contributed to the hacking in any way.

We hope to restore access to all services in the next 12 – 24 hours. At this stage we don’t believe our database was compromised, however we recommend users stay vigilant to unauthorized access of their accounts.

Download MyBB 1.6.8 (latest release)

We recommend you stay informed by following MyBB on facebook and twitter.
Regards, The MyBB Group.

and later the UGNazis claimed the hack.

About FastFlux

Owner of ZeroSecurity, interested in programming, malware analysis and penetration testing. If you would like to write for the ZeroSecurity team, please use the contact form above.

Check Also

Silent OS 3.0 for Blackphone Completely revamped

Version 3.0 migrates Silent OS to Android Marshmallow 6.0.1 and delivers the Android safety patch …