Forum - View topicNEWS: Ellation Posts Update on Crunchyroll Redirect Issue, Explains Steps to Get Rid of Malware
|
Goto page 1, 2 Next Note: this is the discussion thread for this article |
| Author | Message | |||
|---|---|---|---|---|
|
Mune
Posts: 383 Location: Minnesota |
|
|||
|
I was lucky enough not to have any installer come up. I just got an error, but this is still a sad day for Crunchyroll. It may even have a negative impact on the site and service because it shows a lack of security. Many people who have accounts, paid and non-paying, may have been compromised. Yet, that is not being addressed at all.
I'm glad Crunchyroll and it's parent company, Ellation, has taken charge of the situation in a timely manner. It shows that they took responsibility of the situation and how to solve the most important parts of this problem first. I'm hoping that they eventually address all of the issues. |
||||
|
||||
|
Thorfinn
|
|
|||
|
Wow, so reassuring to see they said they'd prevent this from happening again and good to see they will improve their security in the futur-
OH WAIT, they didn't even bother to say that much. Are they hoping people forget about this, like everyone forgot about their encodimg issue they had, by the way, they still haven't fixed the vast majority of their catalogue yet, you know, the older stuff. |
||||
0nsen
 Posts: 256 |
|
|||
|
People don't have long memories. The Sony hacks are long forgotten, it seems. So is the red ring of death and that time earlier this year ANN's .com domain got haxx0red. And who was this Snowden guy again? Animators being paid a pittance, KyoAni doing FMP..
I bet nobody cares about this by Christmas. |
||||
|
||||
|
ArnisEnthusiast
Posts: 74 |
|
|||
|
So... if anything it was CloudFlare's fault? I thought that was really secure too.
|
||||
|
||||
mgosdin
 Posts: 1302 Location: Kissimmee, Florida, USA |
|
|||
|
Your security is only as good as the weakest link in the chain, that is normally the end user but in this case it was Cloudflare. Not much Crunchyroll can do if their intermediary has a problem. Targeting Cloudflare should be orders of magnitude more difficult than Crunchyroll ( or ANN which uses them as well ) proper, but still a way was found.
My advice would be to have a few third parties involved in your IT operation as possible. Not that anyone would take my advice. Mark Gosdin |
||||
|
||||
|
GoldCrusader
Posts: 1023 |
|
|||
|
Sounds like Cloudflare is the one having problems right now. They are the one transferring users right? Not much Crunchyroll could do.
|
||||
|
||||
Kadmos1
 Posts: 13626 Location: In Phoenix but has an 85308 ZIP |
|
|||
|
There is no really no such thing a perfectly secure server. Even if you add in all necessary security features, someone out there is smart enough to find a tiny hole in that barrier.
|
||||
|
||||
|
Erebus25
Posts: 10 |
|
|||
|
I guess there wasn't much CR could've done about it, but it still took them 2 and a half hours to take the site offline.
|
||||
|
||||
|
yurihellsing
|
|
|||
Why not people seem to have forgotten how they got started not sure if they took money for it but they first started with fansubs and weren't even legit IIRC. |
||||
Northlander
 Posts: 911 |
|
|||
No, it's whoever hacked that site and put the EXE file out there who's at fault. Regardless of how secure anyone thinks Crunchy or Cloudflare should be, let's not pretend it's anyone's fault but whoever did this in the first place. The fact that someone thinks a VICTIM of a hacking episode should be to blame is.... an unappetizing attitude. |
||||
|
||||
|
Lord of Fire
Posts: 16 |
|
|||
If that blame stems from irresponsible behavior, then yes, they should share part of the blame, especially if people were compromised due to the virus. Now, I'm not saying CF failed to properly secure their servers, but if it turns out that they did pretty much gave hackers a free pass into their systems (intentional or not), then they should be held accountable for that. |
||||
|
||||
slau783
 Posts: 40 |
|
|||
This sounds like a classic case of phishing. Notice that it is reported that the configuration for Crunchyroll's Cloudflare was modified. Cloudflare itself was not hacked and is working appropriately. Most likely someone at Crunchyroll got an email from a hacker pretending to be Cloudflare. It would have a link to a login page to verify the account or some other urgent sounding claim. That person clicks the link and enter's Crunchyroll's login credentials. Now the hacker has all they need to go in and change the redirect to their own malicious website. This is incredibly common. |
||||
|
||||
|
hickey92
Posts: 25 |
|
|||
People always seem to bring this up, but I've never understood the point. It always seems to be brought up as a reason to not subscribe to them and use illegal sites instead. They've been a legitimate site for nearly ten years now, so why does it matter that they 'used' to be an illegitimate one? |
||||
|
||||
Blood-
 Bargain Hunter Posts: 24205 |
|
|||
|
@ hickey92 - I know, I roll my eyes whenever I see this. Guarantee you that 100 years from now some dumbass is going to write, "I can't support Crunchyroll because they started off illegit in the last century."
|
||||
|
||||
|
yurihellsing
|
|
|||
Oh I'm from the old days where you had 4 or 5 groups subbing one show and sometimes you got to speak with them and get to know them. It's kinda bad to see someone's hard work you translating, typesetting, etc being on a site with a pay wall when they gave it out for free. Also almost 10 years of legitimacy with region blocking on the side does not make up for the time spent illegitimate. |
||||
 |
All times are GMT - 5 Hours |
|
|
|
Powered by phpBB © 2001, 2005 phpBB Group