The popular anime site Crunchyroll has just been hacked.
The timing of the attack was unfortunate, as visitors who attempted to play Attack on Titan on the morning of November 4 were in for a rude shock.
The hackers had created and placed a fake page on the site, offering a malicious program named CrunchyViewer to site visitors.
Visitors were greeted with a pop-up suggestion that promoted the desktop streaming app CrunchyViewer, recommending viewers to download it.
However, the recommended app apparently contained malware.
If a visitor launched the file, a secret process would be set into operation and affect the visitor’s system.
However, the hack would not affect a mobile user, as the Crunchyroll team fixed the site quickly after discovering the deceptive CrunchyViewer program.
The purpose of the malware is not yet known. According to some analysts, it contained what is known as a keylogger virus.
Hack Caused by DNS Hijacking
According to Crunchyroll, the site was not subject to a hack per se, but there was a DNS hijacking where the hackers had been able to access the site’s Cloudflare accounts.
The hackers used this account for redirecting the traffic of the anime website to a different website under their control.
It was on this site that the pop up containing the CrunchyViewer program was visible to a visitor.
Crunchyroll Accounts Safe After Hack
Ellation is the parent company of Crunchyroll, and they explained that the hackers had hijacked the Cloudflare configuration that usually redirects visitors to Crunchyroll.
Therefore, whoever was behind the hack could steer the traffic to their rogue server that contained the malware.
The CrunchyViewer file directly targeted users of Windows PC systems.
The site owners immediately took down the website at 6 a.m., and they were able to bring back the right configuration for their Cloudflare services by about 9 a.m. before the service was fully restored by 9.30 a.m. The attack appears to have directly targeted the company’s Cloudflare account, rather than on Crunchyroll itself.
The site claims that their servers were not affected in any manner, stating users’ information was not at risk or compromised in any manner.
It was just an isolated hijacking episode and all accounts of users on Crunchyroll were safe.
The motivation of the hack on the anime site is not yet known.
However, it could possibly consist of a keylogger program for keeping tabs on users and their keyboards.
Those behind the hack would be able to get personal information about users, such as their online usernames, their passwords, and so on.
But regardless of the goal of the malware, it is important that you get it removed from your PC if you have downloaded it.
Steps to Take if You Were Affected by the Hack
Even if you have mistakenly downloaded the CrunchyViewer program containing the malware, you can follow the proper steps so that the virus does not affect your system.
Any user who feels that their computer has been attacked by the download can use Windows Defender or any other detection program for removing the malicious file.
You can also contact the customer support teams at Crunchyroll with your account to get help. Just execute the necessary instructions and CrunchyViewer should be gone from your system.
Now, however, the problem seems to have been sorted out.
The malware is no longer being spread through Crunchyroll.
The anime website is up and running again, so if you wish to catch up on the latest episodes of Dragon Ball Super, you can go about it without fear.