4chan
4chan has been hacked. The hack is largely attributed to individuals or a group associated with Soyjak.party, a rival imageboard also known as "The Sharty." The primary motive appears to be related to the restoration of the /qa/ board, which was banned on 4chan about four years ago. The sharty boys allegedly reinstated this board during the attack, demanding a space significant to their community. Additionally, the hack involved leaking moderator and janitor emails, source code, and internal communications, exposing and undermining 4chan’s moderation practices.
the process
Evidently, some sharty boys had access to root on 4chan's servers since 2021 and planned the hack for a few years. The attackers exploited vulnerabilities in 4chan’s outdated infrastructure, specifically an old version of PHP (potentially from 2016) and deprecated MySQL functions in a script called "yotsuba.php." This script, which handles post submissions and moderation, was a key entry point. Some reports suggest the hackers gained shell access to 4chan’s servers, allowing them to leak sensitive data like admin panels, source code, and moderator credentials. There’s also mention of an exploit involving PDF uploads, where a malicious PDF could execute PostScript commands via an outdated Ghostscript version, granting shell access.[1]
what to do
Commentary and help from our friends in the east:
gallery
Oh well, despite the fact that people are crying about it and saying "this is the end," 4chan will probably be back in a few hours. Reminder: you are here forever.
Jannie ban portal.
The last post?
The hacker brought /qa/ back to gloat.
Trolling Hiroshi
Board stats.
4chan pass users are safe.
Hotpocket Helper
Jannies didn't like being called jannies.
I signed up when I was hammered.
GrapeApe's advice.
stuff
So 4chan very likely got hacked because they were running on an extremely out of date version of PHP that has a lot of vulnerabilities and exploits and are using deprecated function to interact with there MySQL database. Web security 101: Keep your code and software up to date. 
- 7zip of the source files
- List of mods and jannies in .txt format.
- Dump of the jannies private IRC channel
- Dump of the entire /j/ board (a board private only to board jannies)
- File tree.
- Autodoxxed jannies/mods/admin in JSON.
- A bunch of posts from /j/. The janitor's hidden board.
further reading
- Soyjack.party website
- Archived thread depicting the damage and joy.
- WE WON DATAMINE THE EMAILS NOOOOOOOOOOOOOOOOOOOOOOOW (archive link)
- Soyjak wiki (reminder that I need to add that to the Wikipedias article).
references
- ↑ Things nobody cares about.