Serious Imgur bug exploited to execute worm-like attack on 8chan users
A recently discovered attack on visitors of the 8chan image website went well beyond the venue’s usual script-kiddie fare by combining two weaknesses on that property with a potentially catastrophic vulnerability on the wildly popular photo-sharing site Imgur.com.
The hack had the potential to take on worm-like properties, in which a handful of viral images could generate an endless stream of traffic and millions and millions of new infections. It never got to that point, because Imgur fixed the Web-application bug on its site Tuesday morning, while 8chan temporarily blocked the execution of files based on Adobe’s Flash media player. With the immediate threat averted, the question security researchers’ asked was, why was a vulnerability so potentially powerful as the one exploited against Imgur squandered on such a limited number of people?