Welcome to /mlpol/ weary travellers. In this thread I will collect what I can find about the 4chan hack and try to provide a base camp for those lost 4nons that have managed to find their way here. Feel free to add anything you know or swap stories as well. The following is roughly gathered to ensure it is saved.
kiwifarms threads: https://kiwifarms.st/threads/4chan.37222/page-421#post-21099990
janny lists
https://kiwifarms.st/threads/4chan.37222/page-474#post-21102637
yotsuba sauce
https://kiwifarms.st/threads/4chan.37222/page-475#post-21102680
Hiro on twitter: https://xcancel.com/4chan/status/1912242601102844078
https://x.com/4chan/status/1912242601102844078
Commit messages on 4chan repo:
https://files.catbox.moe/yypkoa.txt
Potential information sources you may keep an eye on:
4chan's IRC channel on Rizon
Hiro's 4chan twitter: https://x.com/4chan
Sun article tracking the incident: https://www.the-sun.com/tech/14029069/4chan-down-updates-controversial-website-hacking/
Sinister/pol/: https://leftypol.org/
Know your meme article: https://knowyourmeme.com/memes/events/april-2025-4chan-sharty-hack-and-janitor-email-leak
Sharty: https://www.soyjak.st/news/thread/4104.html
4chan itself of course: https://boards.4chan.org/
NHNB: https://nhnb.org/fim/res/19935.html
Is it down: https://www.isitdownrightnow.com/4chan.org.html
reddit: https://www.reddit.com/r/technology/comments/1jzoofg/4chan_hacked_taken_down_emails_and_ips_leaked/
The Official thread by the man of the hour himself over on SoyJack.st: https://www.soyjak.st/soy/thread/10615723.html
The sharty's own summary of events: https://wiki.soyjak.st/The_Great_Cuckset
Janny logs: https://bvll.neocities.org/j/
/mlpol/ - My Little Politics
570 replies and 101 files omitted.
>>384069
Janny logs block 1:
>#253
Discussion on the rules governing rapidshared content on /co/ and the possibility of updating them.
>#272
About the policy on motivators on /a/.
They are to be deleted and user banned if they persist.
>#281
About deleting unmarked spoilers on /a/.
They are to be deleted even if the series is old.
>#282
A janny is unsure on what should be deleted on /s/. They are bothered by fake tits and female bodybuilders and wonder if they should be allowed.
They are told by a Mod that discussion should improve the board as a whole. Good discussion should be left alone even if the content personally displeases them. The picture should be judged on its own merits.
Another janny then says that they will instantly delete any picture they consider "gross" even if people seem to be enjoying it, and that they believe the board has too much porn on it.
Finally something about "report "misa campo/leah dizon" catchphrases as ban-requests"
>#288
Asking whether they should delete dogs, cats and prinnies from /c/ as they should apparently be posted on /cm/.
Told that animal pictures as well as anything close to furry should be deleted with the exception of catgirls.
A mod asks why anime animals can't be posted on /a/.
People then agree and say anime animals are fine, just no furries or photographs.
>#295
Asking whether fapping to female mech pilots is allowed on /m/.
Another janny says they would rather not see female pilots on /m/. That /m/ is sfw so there should be nothing too revealing and that they can be strict about it being a mech board so at least try to relate it to a mech.
>#307
Another website is flooding /g/. Discussion about what the jannies are doing about it.
[Read more] Janny logs block 1:
>#253
Discussion on the rules governing rapidshared content on /co/ and the possibility of updating them.
>#272
About the policy on motivators on /a/.
They are to be deleted and user banned if they persist.
>#281
About deleting unmarked spoilers on /a/.
They are to be deleted even if the series is old.
>#282
A janny is unsure on what should be deleted on /s/. They are bothered by fake tits and female bodybuilders and wonder if they should be allowed.
They are told by a Mod that discussion should improve the board as a whole. Good discussion should be left alone even if the content personally displeases them. The picture should be judged on its own merits.
Another janny then says that they will instantly delete any picture they consider "gross" even if people seem to be enjoying it, and that they believe the board has too much porn on it.
Finally something about "report "misa campo/leah dizon" catchphrases as ban-requests"
>#288
Asking whether they should delete dogs, cats and prinnies from /c/ as they should apparently be posted on /cm/.
Told that animal pictures as well as anything close to furry should be deleted with the exception of catgirls.
A mod asks why anime animals can't be posted on /a/.
People then agree and say anime animals are fine, just no furries or photographs.
>#295
Asking whether fapping to female mech pilots is allowed on /m/.
Another janny says they would rather not see female pilots on /m/. That /m/ is sfw so there should be nothing too revealing and that they can be strict about it being a mech board so at least try to relate it to a mech.
>#307
Another website is flooding /g/. Discussion about what the jannies are doing about it.
>>384069
Janny logs random 1:
>4471
Jannies talking about cooking? I guess if anyone needed proof they aren't robots.
>5147
Surprisingly reasonable discussion of banning gun control posts on /k/. They seem to recognize that it can be on topic.
>5333
Jannies noticing that everything on /a/ and /v/ is political around the 2016 election.
>8289
Jannies celebrating Christmas
>9838
Jannies pondering when and why new boards are created. Ends with the excerpt I posted.
[Read more] Janny logs random 1:
>4471
Jannies talking about cooking? I guess if anyone needed proof they aren't robots.
>5147
Surprisingly reasonable discussion of banning gun control posts on /k/. They seem to recognize that it can be on topic.
>5333
Jannies noticing that everything on /a/ and /v/ is political around the 2016 election.
>8289
Jannies celebrating Christmas
>9838
Jannies pondering when and why new boards are created. Ends with the excerpt I posted.
Janny ban control.
For anyone interested in looking up usernames: https://github.com/sherlock-project/sherlock
Bored lately.
So I made this to commemorate the happening.
You're welcome.
So I made this to commemorate the happening.
You're welcome.
>>384084
>Mr.
>Literally just some normal dude
Ironic to call him "Tranny Admin" when the word "Tranny" is an instaban for LGBT discrimination on Soyjak party. You Jaktards are the quintessential projecting faggots.
>Mr.
>Literally just some normal dude
Ironic to call him "Tranny Admin" when the word "Tranny" is an instaban for LGBT discrimination on Soyjak party. You Jaktards are the quintessential projecting faggots.
>>384117
I checked desuarchive out of curiosity. Every thread that was active when it happened has been dumped to the archive, so if they do bring it back, it's more or less a complete reset.
Guess that's for the best, people were mad at me for this get.
I checked desuarchive out of curiosity. Every thread that was active when it happened has been dumped to the archive, so if they do bring it back, it's more or less a complete reset.
Guess that's for the best, people were mad at me for this get.
>>384120
>complete reset
like that one time their DB failed and many boards had their catalog wiped?
would be interesting to see first new threads on all boards
I hope /po/ gets something interesting
>complete reset
like that one time their DB failed and many boards had their catalog wiped?
would be interesting to see first new threads on all boards
I hope /po/ gets something interesting
>>384124
Noooo, you can clean slate /mlp/ and the like, but /po/ is /po/
Every thread there is an old growth coastal redwood, it's ancient
Noooo, you can clean slate /mlp/ and the like, but /po/ is /po/
Every thread there is an old growth coastal redwood, it's ancient
>>384165
Yeah, every thread there is like 5 years old and new posts happen every other week, they're also the chillest anons around, dudes just wanna do paper stuff
Can't just kill that off and start from scratch
Yeah, every thread there is like 5 years old and new posts happen every other week, they're also the chillest anons around, dudes just wanna do paper stuff
Can't just kill that off and start from scratch
ETA: Few Days
>>384226
I honestly think this is going to kill the site. Anons are getting comfy in their new altchans and when 4chan comes back the cuck timer is going to remind people why those altchans exist in the first place.
I honestly think this is going to kill the site. Anons are getting comfy in their new altchans and when 4chan comes back the cuck timer is going to remind people why those altchans exist in the first place.
>>384226
>a few days
Watch it go down again shortly after. A few days is not enough to fix the internal issues 4chan has.
>a few days
Watch it go down again shortly after. A few days is not enough to fix the internal issues 4chan has.
Something tells me that a lot of staff have quit and no way in hell they're achieving the old staff count when it's still hot news. The few that are remaining will become even worse cunts than before while still doing J-A-C-K-S-H-I-T to counter the shitposting.
rapeape email (real????)
approx 7 hours ago
Hey,
I'm sending this to everyone, just in case there are people who weren't in Discord or IRC, haven't been paying attention to the news, and are completely unaware of the events that have transpired, but are still checking their email. On the afternoon of April 14th, one of our servers was breached. The attacker managed to exfiltrate quite a bit of data before going public with a brief shitposting spree, at which point I became aware of what had happened and shut the servers down. Over the next ~24 hours the hacker released some of the data he had taken.
Relevant to you are that he released mod and janitor usernames, password hashes, email addresses, and the IP address last used to log in. With this information made public, people were able to find additional information from public sources, including major data breaches on other websites, to partially or fully dox some 4chan mods and janitors. Even if you have not been doxxed, please check your email address against https://haveibeenpwned.com/ to see if there may be leaks of data from other websites that may be associated with you.
Unfortunately there's no way for us to take this back and undo the harm that you've suffered due to this hack, but you can take steps to mitigate further harm. I'd recommend that everyone change the password of the email account you used when applying to be a janitor, and any other email accounts you have used thereafter in association with 4chan. You should also add two-factor authentication if at all possible, ideally via an authenticator app, such as Google Authenticator or Authy.
I would also recommend using a password manager of some sort, such that you can use strong passwords easily. Keepass or KeepassXC are good examples, but there are other popular password managers such as Bitwarden, 1Password, or those integrated into popular browsers like Firefox. Generate random passwords of at least 16 characters using upper case, lower case, numbers, and symbols. Do not re-use any passwords. If you had used the password associated with your mod or janitor account elsewhere for some other account(s), you should change that password for those other accounts as soon as you can. We will be doing a forced password reset when the site is back up, and 2FA via an authenticator app will be mandatory for both mods and janitors.
Most IPs are dynamic, but if your IP address is static, you can usually just unplug your modem or router overnight to get a new one. Failing that, you should consider calling your ISP to have it changed. In either case, you should also consider using a VPN such as NordVPN, Surfshark, or Private Internet Access (there are plenty of options here).
A lot of you will want to change your login names, discord names, or email addresses. I will contact each of you individually on Discord to discuss these changes, so please wait until I do so. Much easier keep things organized that way, contacting each person in turn rather than having to get blasted with hundreds of emails or Discord messages of people asking to change info.
As for when the site will be back (and it will be back), "We get there when we get there". Obviously we have a lot of work ahead of us with respect to patching holes and updating software, so please bear with us. Maybe catch up on your backlog, watch some anime, play some vidya, and enjoy this extended break from reports and shitposting.
For those of you who have had personal information exposed, I'm sorry this happened. We had bought new servers a few months ago and were working to transfer 4chan's functionality to them as quickly as we could, but obviously we weren't fast enough, and all of you have suffered due to our failure. I know you've placed your trust in us to keep your personal information safe, and we have let you down. I can't undo what happened, but we're going to do everything we can as fast as we can to secure 4chan's servers and codebase, and get the site back online. All I can do is hope that, despite what you've suffered, that you'll continue to help keep this community alive. There's nothing else quite like it on the internet, and without you, there might never be anything like it ever again.
Regardless of your personal decisions in the coming days and weeks, I want to thank you for all the time and effort you've put in to this website and this community. 4chan's users might not show it openly, but I know they appreciate what you do as well. I think they'll appreciate you even more when 4chan returns, as now they've had time to feel 4chan's absence, and absence makes the heart grow fonder.
Odds are the contents of this email will be posted on Sharty and Kiwifarms shortly after I send it, but I don't much care. If they want to make fun of me for appreciating the 4chan Team, they can go right ahead. I think you are all wonderful and I don't care who knows.
I will be in touch with each of you via Discord in the coming days, but if there's something that can't wait, please reach out.
--GrapeApe
[Read more] approx 7 hours ago
Hey,
I'm sending this to everyone, just in case there are people who weren't in Discord or IRC, haven't been paying attention to the news, and are completely unaware of the events that have transpired, but are still checking their email. On the afternoon of April 14th, one of our servers was breached. The attacker managed to exfiltrate quite a bit of data before going public with a brief shitposting spree, at which point I became aware of what had happened and shut the servers down. Over the next ~24 hours the hacker released some of the data he had taken.
Relevant to you are that he released mod and janitor usernames, password hashes, email addresses, and the IP address last used to log in. With this information made public, people were able to find additional information from public sources, including major data breaches on other websites, to partially or fully dox some 4chan mods and janitors. Even if you have not been doxxed, please check your email address against https://haveibeenpwned.com/ to see if there may be leaks of data from other websites that may be associated with you.
Unfortunately there's no way for us to take this back and undo the harm that you've suffered due to this hack, but you can take steps to mitigate further harm. I'd recommend that everyone change the password of the email account you used when applying to be a janitor, and any other email accounts you have used thereafter in association with 4chan. You should also add two-factor authentication if at all possible, ideally via an authenticator app, such as Google Authenticator or Authy.
I would also recommend using a password manager of some sort, such that you can use strong passwords easily. Keepass or KeepassXC are good examples, but there are other popular password managers such as Bitwarden, 1Password, or those integrated into popular browsers like Firefox. Generate random passwords of at least 16 characters using upper case, lower case, numbers, and symbols. Do not re-use any passwords. If you had used the password associated with your mod or janitor account elsewhere for some other account(s), you should change that password for those other accounts as soon as you can. We will be doing a forced password reset when the site is back up, and 2FA via an authenticator app will be mandatory for both mods and janitors.
Most IPs are dynamic, but if your IP address is static, you can usually just unplug your modem or router overnight to get a new one. Failing that, you should consider calling your ISP to have it changed. In either case, you should also consider using a VPN such as NordVPN, Surfshark, or Private Internet Access (there are plenty of options here).
A lot of you will want to change your login names, discord names, or email addresses. I will contact each of you individually on Discord to discuss these changes, so please wait until I do so. Much easier keep things organized that way, contacting each person in turn rather than having to get blasted with hundreds of emails or Discord messages of people asking to change info.
As for when the site will be back (and it will be back), "We get there when we get there". Obviously we have a lot of work ahead of us with respect to patching holes and updating software, so please bear with us. Maybe catch up on your backlog, watch some anime, play some vidya, and enjoy this extended break from reports and shitposting.
For those of you who have had personal information exposed, I'm sorry this happened. We had bought new servers a few months ago and were working to transfer 4chan's functionality to them as quickly as we could, but obviously we weren't fast enough, and all of you have suffered due to our failure. I know you've placed your trust in us to keep your personal information safe, and we have let you down. I can't undo what happened, but we're going to do everything we can as fast as we can to secure 4chan's servers and codebase, and get the site back online. All I can do is hope that, despite what you've suffered, that you'll continue to help keep this community alive. There's nothing else quite like it on the internet, and without you, there might never be anything like it ever again.
Regardless of your personal decisions in the coming days and weeks, I want to thank you for all the time and effort you've put in to this website and this community. 4chan's users might not show it openly, but I know they appreciate what you do as well. I think they'll appreciate you even more when 4chan returns, as now they've had time to feel 4chan's absence, and absence makes the heart grow fonder.
Odds are the contents of this email will be posted on Sharty and Kiwifarms shortly after I send it, but I don't much care. If they want to make fun of me for appreciating the 4chan Team, they can go right ahead. I think you are all wonderful and I don't care who knows.
I will be in touch with each of you via Discord in the coming days, but if there's something that can't wait, please reach out.
--GrapeApe
>>384120
>Every thread that was active when it happened has been dumped to the archive
damn that blows but i suppose i was somewhat naive to assume i could just pick up where i left off like last time the site went down
this time is some real shit
read somewhere someone say it would take a couple weeks for them to get the site back on the rails
>Every thread that was active when it happened has been dumped to the archive
damn that blows but i suppose i was somewhat naive to assume i could just pick up where i left off like last time the site went down
this time is some real shit
read somewhere someone say it would take a couple weeks for them to get the site back on the rails
>>384242
I haven't spent much time looking into it, but the retards apparently went something like a fucking decade without updating their software. I work in IT and I sausage if events conspire to stop us from deploying updates to our systems within 30 days. I suppose bigger things like OS updates are a bit slower and we wait for the vendor to release the first round of patches or two so that we're not the early adopters, but we always have a fucking plan to get everything updated before end of life.
I haven't spent much time looking into it, but the retards apparently went something like a fucking decade without updating their software. I work in IT and I sausage if events conspire to stop us from deploying updates to our systems within 30 days. I suppose bigger things like OS updates are a bit slower and we wait for the vendor to release the first round of patches or two so that we're not the early adopters, but we always have a fucking plan to get everything updated before end of life.
>>384243
feel like in the coming years after its eventual death rattle more will come out about the mismanagement of the site that has led to catastrophic shit like this
has moot written a book yet? id read it if he ever does
feel like in the coming years after its eventual death rattle more will come out about the mismanagement of the site that has led to catastrophic shit like this
has moot written a book yet? id read it if he ever does
>>384190
Not for certain but you can check to see if your email appears here:
https://haveibeenpwned.com/
Not for certain but you can check to see if your email appears here:
https://haveibeenpwned.com/
>>384262
That's not necessarily from this hack by the way it's just if you have been ever. If you are on it you should change your passwords and stuff though.
That's not necessarily from this hack by the way it's just if you have been ever. If you are on it you should change your passwords and stuff though.
>>384263
Fair. I did a complete overhaul wipe of my accounts a couple months ago, and neither my actual accounts nor my sock puppets have any registry
Fair. I did a complete overhaul wipe of my accounts a couple months ago, and neither my actual accounts nor my sock puppets have any registry
A bump to say we are still here. Hearing unconfirmed reports of the site being up within the week but we shall see. Now onto day 3 of being down.
I honestly don't even miss it anymore.
It's obvious at this point that the slower boards were just 99% jannies posting to flame bait and gaslight people, and the faster boards were 99% corporate/political shills stifling legitimate discussion and 100% of the time I would have otherwise wasted, taking the bait, on the off chance that I was actually having a legitimate conversation with another human being has now been diverted to things I actually enjoy.
It's obvious at this point that the slower boards were just 99% jannies posting to flame bait and gaslight people, and the faster boards were 99% corporate/political shills stifling legitimate discussion and 100% of the time I would have otherwise wasted, taking the bait, on the off chance that I was actually having a legitimate conversation with another human being has now been diverted to things I actually enjoy.
>>384355
Yeah, out of all catalogue on /mlp/ I only give a shit about the dozen of threads and participate in 2-5 at any given week.
Yeah, out of all catalogue on /mlp/ I only give a shit about the dozen of threads and participate in 2-5 at any given week.
>>384254
That would only work if Troy Hunt ends up getting ahold of a leaked database so he can add it to HIBP. So far said database doesn't exist and I doubt the hacker would care about selling it.
That would only work if Troy Hunt ends up getting ahold of a leaked database so he can add it to HIBP. So far said database doesn't exist and I doubt the hacker would care about selling it.
>>384355
The main reason that I miss 4chan are the general threads on /vg/. As shitty as the general threads were, they were a hell of a lot of better place to actually discuss a game than plebbit or discord.
The main reason that I miss 4chan are the general threads on /vg/. As shitty as the general threads were, they were a hell of a lot of better place to actually discuss a game than plebbit or discord.
>>384254
>>384364
>>384190
It's sort of a moot point. Hackers are not trustworthy actors. We know that a data breach has occurred. It is prudent to assume that any lists of email addresses associated with 4chan have been identified, and that any password that you may have used with 4chan has been compromised. If you re-use that password anywhere, then you should go change it as soon as you can.
>>384364
>>384190
It's sort of a moot point. Hackers are not trustworthy actors. We know that a data breach has occurred. It is prudent to assume that any lists of email addresses associated with 4chan have been identified, and that any password that you may have used with 4chan has been compromised. If you re-use that password anywhere, then you should go change it as soon as you can.
>>384355
I only miss /tg/ for the generals of the games I liked it and it doesn't look like they moved to any splinter.
I only miss /tg/ for the generals of the games I liked it and it doesn't look like they moved to any splinter.
>>384381
In general I sincerely believe that if you're not using a password manager in this day and age, you deserve to be hacked anyway. Just download keepass it's that easy
In general I sincerely believe that if you're not using a password manager in this day and age, you deserve to be hacked anyway. Just download keepass it's that easy
i refuse to trust digital password managers because it just feels like putting all of your eggs in one basket
all it takes is one one zero day exploit and it's game over
either memorize your passwords or if you absolutely must record them then write them on a sheet of paper and stash it in a safe or some other secured location because paper can't be hacked [yet]
all it takes is one one zero day exploit and it's game over
either memorize your passwords or if you absolutely must record them then write them on a sheet of paper and stash it in a safe or some other secured location because paper can't be hacked [yet]
>>384415
The thing is good password managers (for example: keepass = good, lastpass = bad) don't connect to the internet and the only thing that can be "hacked" is the encrypted database file, assuming you sync it between devices and put it in backups and stuff. But the encryption is normally very standard stuff that is almost impossible to get wrong unless you're a moron.
So the only way for the password manager to get exploited is if you get a virus on your computer and it tries to attack the manager. But if that happens it's game over anyway. A keylogger is vastly simpler than a secret 0-day and will slurp up all your passwords just the same.
The thing is good password managers (for example: keepass = good, lastpass = bad) don't connect to the internet and the only thing that can be "hacked" is the encrypted database file, assuming you sync it between devices and put it in backups and stuff. But the encryption is normally very standard stuff that is almost impossible to get wrong unless you're a moron.
So the only way for the password manager to get exploited is if you get a virus on your computer and it tries to attack the manager. But if that happens it's game over anyway. A keylogger is vastly simpler than a secret 0-day and will slurp up all your passwords just the same.
>>384415
>>384419
Here's my take for it. For anything TRULY important, such as the passwords for online banking/stock broker/etc, use a unique strong password and record it in duplicate on pen and paper and store them in a secure place like a safe or safe deposit box. It is a hassle storing them this way, but you shouldn't have too many accounts that fall into this category. I think a paper copy should be recorded so that close family can access the assorted banking accounts in the event of your death, or so that you can remember the password in the event that you are injured in a way that impairs your memory.
Furthermore you should have a dedicated computer for interacting with these critical accounts. A simple laptop or something should do. This banking computer should only have essential software installed on it and you should exclusively use it for banking tasks. No games, no recreational web browsing, etc. Just the barebones of what is needed for any interaction between your banking or investment accounts.
Then, on your recreational PC, use a password manager like keepass for everything else.
[Read more] >>384419
Here's my take for it. For anything TRULY important, such as the passwords for online banking/stock broker/etc, use a unique strong password and record it in duplicate on pen and paper and store them in a secure place like a safe or safe deposit box. It is a hassle storing them this way, but you shouldn't have too many accounts that fall into this category. I think a paper copy should be recorded so that close family can access the assorted banking accounts in the event of your death, or so that you can remember the password in the event that you are injured in a way that impairs your memory.
Furthermore you should have a dedicated computer for interacting with these critical accounts. A simple laptop or something should do. This banking computer should only have essential software installed on it and you should exclusively use it for banking tasks. No games, no recreational web browsing, etc. Just the barebones of what is needed for any interaction between your banking or investment accounts.
Then, on your recreational PC, use a password manager like keepass for everything else.
>>384436
Lines/phrases from poetry are my usual go to. William Barnes is quite good for complex passwords.
https://www.best-poems.net/poem/milken-time-by-william-barnes.html
Lines/phrases from poetry are my usual go to. William Barnes is quite good for complex passwords.
https://www.best-poems.net/poem/milken-time-by-william-barnes.html
[Reply] [Last 50 Posts] [Last 100 Posts] [Last 200 Posts]
You are viewing older replies. Click [View All] or [Last n Posts] to vew latest posts.
Clicking update will load all posts posted after last post on this page.
Post pagination: [Prev] [1-50] [51-100] [101-150] [151-200] [201-250] [251-300] [301-350] [351-400] [401-450] [451-500] [501-550] [551-600] [601-620] [Next] [Live (last 50 replies)]
620 replies | 117 files | 186 UUIDs | Page 3
[Add to Thread Watcher]