MangaDex Hacked

Discussion in 'Manga Discussion' started by Jeebus, Mar 17, 2021.

  1. Jeebus

    Jeebus Well-Known Member

    Joined:
    Jun 20, 2017
    Messages:
    904
    Likes Received:
    779
    Reading List:
    Link
    Mangadex just posted that they were hacked. https://mangadex.org/thread/446243

    The hacker made off with the Mangadex user database, among other things. All passwords were stored in a secure and encrypted format, but you should change your password on Mangadex and any other site where you used the same password as Mangadex just in case.

    I've posted the forum post from Mangadex below since the site is timing out a lot right now.

     
  2. TamaSaga

    TamaSaga Well-Known Member

    Joined:
    Oct 11, 2016
    Messages:
    1,606
    Likes Received:
    2,004
    Reading List:
    Link
    Security is a full time job. So many attack vectors and new ones popping up every day. It doesn't help that the only way to really secure something is to make it so that you yourself can't get in...
     
  3. elengee

    elengee Daoist Ninefaps

    Joined:
    Mar 15, 2016
    Messages:
    13,386
    Likes Received:
    25,635
    Reading List:
    Link
    10k bitcoins, are you kidding me?
     
  4. Walter vi Britannia

    Walter vi Britannia Well-Known Member

    Joined:
    May 13, 2018
    Messages:
    2,702
    Likes Received:
    2,690
    Reading List:
    Link
  5. Jeebus

    Jeebus Well-Known Member

    Joined:
    Jun 20, 2017
    Messages:
    904
    Likes Received:
    779
    Reading List:
    Link
    Pretty sure it was $10k worth of bitcoin. 10k bitcoin would like $400 million.
     
    AliceShiki, Yellow Brick and elengee like this.
  6. Bobasis

    Bobasis Weeeeee

    Joined:
    Jan 3, 2021
    Messages:
    2,087
    Likes Received:
    14,561
    Reading List:
    Link
    Don’t even think mangadex even got that money
     
  7. elengee

    elengee Daoist Ninefaps

    Joined:
    Mar 15, 2016
    Messages:
    13,386
    Likes Received:
    25,635
    Reading List:
    Link
    Yeah, it's become a weekly occurence where i get emails that people are trying to reset my passwords or have done so, anything from facebook to sony account or 10 year old world of warcraft ones.
    If you don't have two-step authentication you're not safe.
     
  8. Jeebus

    Jeebus Well-Known Member

    Joined:
    Jun 20, 2017
    Messages:
    904
    Likes Received:
    779
    Reading List:
    Link
    18WSPrCVbBqE3fcsxmRyX4MHf7huhdkHvG is MangaDex's bitcoin wallet address. They have about .12 BTC in the account, which is just shy of $7k.

    0x0BB95fE37dc1458aAc692E0E9b44F9852B2Aa6Ec is their ethereum wallet address. They have around $2k in that wallet.

    Between the two, it would be almost enough to pay the hacker.
     
    Bobasis likes this.
  9. Anra7777

    Anra7777 All powerful magic grammar hamster queen pirate.

    Joined:
    Apr 13, 2018
    Messages:
    3,634
    Likes Received:
    30,323
    Reading List:
    Link
    I’ve got pretty much all my important stuff 2 stepped, so I’m not going to bother... sucks for md. I really don’t get the mindset of doing something like this. I mean, I know why, I just don’t get why.
     
  10. Moonpearl

    Moonpearl Professional Yuri Girl ❀ [Yuri Garden Creator]

    Joined:
    Oct 6, 2016
    Messages:
    2,202
    Likes Received:
    3,729
    Reading List:
    Link
    It would sure be nice if the site worked long enough to let you change your password, though...
     
    Yellow Brick likes this.
  11. Jeebus

    Jeebus Well-Known Member

    Joined:
    Jun 20, 2017
    Messages:
    904
    Likes Received:
    779
    Reading List:
    Link
    I managed to make it work. Took about 5 minutes of reloading. If you use a password manager, make sure to copy your old password in case the site decides to time out at the password change prompt after you've input a new password and changed it in your password manager.
     
    Yellow Brick and Moonpearl like this.
  12. Moonpearl

    Moonpearl Professional Yuri Girl ❀ [Yuri Garden Creator]

    Joined:
    Oct 6, 2016
    Messages:
    2,202
    Likes Received:
    3,729
    Reading List:
    Link
    I've managed to make it work, but it took a lot longer than 5 minutes.

    The "saving" button seems to be loading eternally rather than telling you when it's finished applying the changes. Had to log out and try logging back in to confirm it had worked.
     
    Yellow Brick likes this.
  13. Blitz

    Blitz ⛈️Blitz's new groove ❄️

    Joined:
    Mar 21, 2016
    Messages:
    7,576
    Likes Received:
    52,791
    Reading List:
    Link
    Yikes. Luckily i didn't use any important password for it. The site seems to be down still
     
  14. Chrono Vlad

    Chrono Vlad 『Banned From Drinking』

    Joined:
    May 24, 2017
    Messages:
    2,502
    Likes Received:
    4,704
    Reading List:
    Link
    Oh no... My degeneracy will be exposed :aww:
     
    TamaSaga likes this.
  15. NodiX

    NodiX Well-Known Member

    Joined:
    Jul 25, 2017
    Messages:
    209
    Likes Received:
    143
    Reading List:
    Link
    Does this have anything to do with DDoS that Mangadex mod said in the forum when the site got a bunch of 500 errors? Nothing goes right for Mangadex nowadays.
     
  16. Jeebus

    Jeebus Well-Known Member

    Joined:
    Jun 20, 2017
    Messages:
    904
    Likes Received:
    779
    Reading List:
    Link
    It's way too early to say who was behind it, and we may never know for sure. It's possible that the two are linked, but it may have just been a coincidence that the hack took place around the time of the DDoS attack.

    Since what MangaDex does is dubiously legal at best, and likely illegal in most of the developed world, we may never see a full investigation into either the hack or DDoS by anyone with enough experience, power, and access to get to the bottom of the whole thing.
     
  17. Deleted member 304540

    Deleted member 304540 Guest

    Reading List:
    Link
    Thanks for letting us know! I knew that the site was down but the reason for it to be this... :blobastonished:
     
  18. armad224

    armad224 Well-Known Member

    Joined:
    Mar 17, 2019
    Messages:
    452
    Likes Received:
    252
    Reading List:
    Link
    I can give him my username and pass
    free
    username:suckmycock
    password:Lickmydick*
     
  19. Crazyh3

    Crazyh3 Well-Known Member

    Joined:
    Dec 23, 2015
    Messages:
    883
    Likes Received:
    1,235
    Reading List:
    Link
    upload_2021-3-18_19-26-49.png

    They genuinely asked for 10k BTC. (woulez is one of the mods on Mangadex discord, so I'd assume he would know)
     
    Jeebus likes this.
  20. Jeebus

    Jeebus Well-Known Member

    Joined:
    Jun 20, 2017
    Messages:
    904
    Likes Received:
    779
    Reading List:
    Link
    If the hacker was negotiating in good faith, he must have meant $10k worth of BTC. MangaDex lists their ETH and BTC wallets on their support page. They have around $9k in crypto right now. Asking for $10k makes a lot of sense if the hacker checked the value of the wallets. Asking for nearly half a billion dollars worth of BTC is a complete waste of time... unless Elon Musk happens to be involved with MangaDex. It's also possible the hacker was just trolling and really meant 10k BTC. I'll leave that for you to decide.

    Whether the hacker meant 10k BTC or $10k worth of BTC, MangaDex did the right thing to not pay the hacker.

    EDIT:
    10K BTC is over half a billion dollars now. As of this post, that would be $568 million before transaction fees.
     
    Last edited: Mar 19, 2021