[BreachExchange] Due to a Cyber Attack, MangaDex Website Taken Down for 2 Weeks

Destry Winant destry at riskbasedsecurity.com
Thu Mar 25 10:25:52 EDT 2021


https://www.ehackingnews.com/2021/03/due-to-cyber-attack-mangadex-website.html

A few days ago, on 17th March, MangaDex found that a malicious actor
who already had access to an administrative account had hacked the
site. They said the attacker had been able to access an administrative
account by using a session token from an older database leak, owing to
a flawed session-management configuration. They then located and
patched the vulnerable section of code and also swept session data
globally to prevent further attempts using the same technique.

After the breach, they spent several hours analyzing the code and
began patching. This happened alongside the reopening of the site
following the breach, as they mistakenly believed that the actor could
no longer access it. As a precaution, their infrastructure has been
monitored in case the attacker returns.

Afterward, the attacker even sent an email to a few users with the
message "MangaDex has a DB leak. I suggest you tell their staff about
it," according to the website's official notice. Since then, MangaDex
has been maintaining the website and keeping its users informed to
prevent further disruption and security problems.

Fortunately, MangaDex was fairly transparent about the breach and
provided information via Twitter instead of trying to hush up the
details. However, the team recommends taking immediate action to
secure one's online identity. A database breach has also yet to be
verified by them, so anyone who uses the same password on multiple
sites may want to change their passwords on those other sites as well.

That being said, MangaDex affirmed that the new website — MangaDex v5
— will stay offline for a full rewrite that can take two weeks to
complete. This decision was made after considering several
alternatives, such as reintroducing the website in its present state,
which could leave MangaDex vulnerable to further attacks. The new
website will initially have only basic features: when MangaDex v5
launches, users will only be able to read, upload and follow, as on
the original website.

The team confirmed that MangaDex v3 is back, though with only several
features, which allow users to export their bookmarks. A bug bounty
program may also be developed by the team for v5. This would help
MangaDex patch exploitable bugs in the code so that attackers will not
be able to break the website.
