Forum - View topic

NEWS: Crunchyroll's Website Redirected to Server With Malicious Software

Can't help but notice this happened the same week a semi-viral video went up encouraging people to pirate anime. I doubt the creator had anything to do with it but I wouldn't be surprised if someone watched it and felt "inspired."

It was the most excuse-laden entitled video I've watched regarding anime piracy, he said that if we all pirated it would force official sites to "innovate". It was the stupidest thing I've heard in awhile, if fans started mass piracy, Crunchyroll, Funimation, Sentai, etc, would just start hiring teams to take down illegal stream links. Netflix has a team and that's all they do.

Are you sure? Multiple people said the file automatically downloaded when you went to CR's home page.

Frankly, the people that downloaded the file are probably the same ones that would fall for a "You need to update your Flash/Java" prompt inserted on a legit website by malicious advertising.

One, this is a sad event by a sad individual or group of individuals. More likely than not if they are ever heard from, they will profess to being some sort of social justice seekers, decrying some wrong they feel Crunchyroll is guilty of, and this being their way of bringing attention to it/ hurting Crunchy for it.

Second, asking for compensation is a terrible idea, liable to be a reason someone would do this in the first place, and generally an inspiration for others to take similar actions. I believe that it is bad policy for any company to make such payments. Part of the reason these hackers want to do these sort of things, much like the reason a number of criminals look to commit their various crimes, is the notoriety it gets them; the fame and fortune and glory they're not only able to get from the victim, but the amount they can make the victim bleed - literally and metaphorically. It's a feather in their cap to say, "I made 'Company X' lose this much money when i hacked/DNS/DDoS their website." Unless the company has some actual wrongdoing, I don't think it's appropriate for them to make any compensation or be expected to give compensation, in this sort of situation.

I think CatSword is right, from everything I've read, and my reading of the ANN article, suggests that the malware is of a particularly aggressive variety that will automatically download, regardless of the user's input. If that really is the case, that would suggest this wasn't just some "random" upset novice, as the terrible grammar and spelling in the fake message suggests. No to go too far down the rabbit hole, but it is entirely possible part of the planning was precisely to use such bad grammar and spelling so as to make people believe the culprit was unsophisticated or not familiar with the English language - perhaps a ploy to cast the blame on someone else.

It would depend on the configuration of your browser. The browser I normally use for CR prompts me to select the download directory first, which also allows me to cancel any download.

Even if the download was automatic for a user's browser, it still required the user to run the file to do anything.

still it really bugs me when people do stuff like this, don't they have better things to do

That being said, people are saying this thing downloads itself automatically and installs itself automatically.

I just hope it doesn't affect everyone that badly. I have to wonder why people hack sites like CR or ANN. Myanimelist would be the first site that comes to my mind when talking about an anime site getting hacked.

An automatic download is possible with some browser configurations, but automatically installing is not.

While it is possible in some browsers to immediately run a file (it effectively downloads it to a temporary location and runs it), that requires user interaction. As would the UAC prompt that would pop up on any OS since Vista (at least where the user didn't do something silly like disabling User Access Control).

Probably because these hackers come from the anti-industry segment of the anime viewerbase, which is very well-represented on MAL. ANN and CR are either part of the legitimate industry or vocal advocates of it. Especially with the aforementioned pro-piracy video saying that Crunchyroll needs to be "forced to innovate" through punishment -- it's stochastic terrorism. "Oh, won't someone rid me of this priest?"

Because what better way to turn people away from CR/legal sites and towards bootleg streaming sites (which certainly don't lack for malware issues themselves!), then to hack CR and keep a Big Lie about CR and malware oozing through the anti-industry fever swamps for the foreseeable future? Just look how effective that seventhstyle speculatio-ganza blog post a few years ago was at convincing people of the alleged insignificance of CR's contributions to the industry.

Could that user interaction be disguised, as something like a prompt to click "OK"? I haven't used Crunchyroll since the hack and I'm on a Mac so I haven't seen it myself, but I've seen some other cases of malware in which they create a fake message for the user (like an error message or a loading message), and I've seen on previous Windows computers I've used something that looks very suspicious and shady but has no cancel option (or it's invisible or behind something that I couldn't find)

The browsers I am aware of that allow running a file rather than downloading it are Internet Explorer and Microsoft Edge, and I don't know of any way to present a dialog from the website that could trigger the "run" action instead of download, much less bypass a UAC prompt (which is part of the OS, not the browser).

So there's no way for something like this to even be covertly downloaded, even in a way as to trick the user into thinking the permission to download it is something else? (I don't mean tricking the user into thinking the malware is something else, but that clicking "OK" on a dialogue box would start downloading the file.)