On April 14, 2025, the widely recognized online message board 4chan experienced a significant security breach. Hackers infiltrated the platform’s servers, accessing and leaking sensitive internal data, including the site’s source code, moderator information, and administrative tools. This intrusion led to the site being offline for several hours, with intermittent functionality upon its return.
Details of the Breach
The attackers achieved complete shell access to 4chan’s servers, enabling them to extract critical data and temporarily control the platform’s operations. The compromised information includes:
– Source Code Exposure: The entire PHP source code of 4chan was accessed, notably the yotsuba.php file, which manages posting and reporting functions.
– Moderator Information: Personal details, including email addresses and contact information of approximately 218 moderators, administrators, and janitors (lower-level moderators), were leaked.
– Administrative Tools: Backend administration panels that provide access to user IP addresses and location data were compromised.
– Database Access: Content accessible through the site’s phpMyAdmin interface was also exposed.
Security analysts have attributed the vulnerability to 4chan’s outdated technical infrastructure. Security researcher Yushe noted that the hack was likely due to 4chan using an extremely outdated version of PHP with numerous vulnerabilities and deprecated functions interacting with their MySQL database. Similarly, security expert Kevin Beaumont described the incident as a comprehensive compromise, including SQL databases, source code, and shell access.
Claim of Responsibility
A group associated with the rival imageboard Soyjak Party, colloquially known as Sharty, has claimed responsibility for the attack. In a post on their platform, they stated:
Today, April 14, 2025, a hacker, who has been in 4cuck’s system for over a year, executed the true operation soyclipse, reopening /qa/, exposing personal information of various 4cuck staff, and leaking code from the site.
The attack appears motivated by longstanding tensions between the two communities. Soyjak Party reportedly formed by former members of 4chan’s /qa/ board after it was banned in 2020.
The attackers demonstrated their control over the system by temporarily restoring the previously banned /qa/ board and defacing it with the message U GOT HACKED XD, confirming they had gained administrative privileges within the system.
Implications and Response
The exposure of moderator emails potentially compromises the anonymity 4chan has long promised. Some leaked email addresses reportedly include .edu and .gov domains, raising questions about who has been moderating the controversial platform.
As of writing, 4chan remains intermittently available as administrators work to contain the breach and restore services. No official statement has been released by 4chan’s management regarding the extent of the attack or the timeline for complete restoration.
This incident represents one of the most significant security breaches in 4chan’s two-decade history, potentially marking a turning point in how anonymous platforms approach their security infrastructure.
