Another organization is shut down after the cyberattack. The organization named Manga scanlation also known as MangaDex is now temporarily shut down after the cyberattack is executed and the attackers steal the source code.
MangaDex is one of the largest scanned translation sites where the users can read the manga comics for free and according to the survey, the website is 179th times most visited sites on the web, which is also having more than 76 million visitors per month.
After this cyberattack, the organization disclosed that the attackers are capable to get the administrators and developer account access and the source code of the site. They get the site access and admin user sessions token with the help of vulnerability present in the site.
On 17th March, the experts identified and reported this attack which got the admin access and they reused the session of tokens found in the old database that leaked from the damaged configuration while managing the session.
The company spokesperson said that we will also identify the vulnerable section of the code that worked when it patch up. It also clears the session of data that globally thwart further attempts at exploitation using the same method.
With the help of these tokens, the attackers can gain complete access to the website and the source code download. The attacker also published the site’s source code on GitHub with the help of an alias named holo-gfx.
However, while checking the website and the code the attackers were able to penetrate the site developers using the comments when the vulnerability was fixed.
Whereas, when the developer asked about the vulnerability fixed, the attackers state that the file named as File type confusion bug was fixed and another vulnerability is still a secret. Therefore the organization is aware that the attackers still have access and they have to shut down the servers and they are working while launching the more secure and safer version for the site.
What Does the Organization State?
Due to the maintenance of the server and temporarily shutdown process the organization issue the notice that states that;
We are keeping our vulnerable website and deploying the efforts while playing the cat-mouse game with the attackers and we are decided to shut down the website and we are planning to rewrite the code known as v5. Whereas our original plans for fixing the issue are still developing and we need to launch this updated version v5 asap.
While developing and managing the website, it is quite difficult for the developer to give the accurate time and we will be running to initiate the backup that we had. We are always wanted to fix this issue asap, this will more beneficial for our organization and also for the users who are connected with us.
Summering Up
The attackers remain unidentified and the RCE vulnerabilities and web shells are used the MagaDev’s code that rewrites the protection against the attacker. The vulnerabilities also state that they infect the MangaDex database but they haven’t leaked anything yet.
While preventing the spread of this attack and largely unfettered access the attackers also manipulate the site and MangaDex started that all the user’s data is also at risk so they begin the shutdown.
The organization also advised the users to update their passwords and use two-factor authentication, in case the database is leaked the users have to aware of these vulnerabilities that may be misused by the attackers.
