Crunchyroll Hacked with Vicious Redirect!!

November 4, 3:30am PST, on a big release day in Japan and Simulcast in the US, Crunchyroll has been hacked. Oh, no and not only hacked. The site and all of it’s social media is informing people to stay off the site, because of a redirection to a malicious site. BEWARE!! I couldn’t believe the shocking news, it’s a good thing I didn’t wake up to check on the new drops. Oh, boy what will the ramifications be for the company. You guys know I love Crunchyroll, but this is a BIG DEAL. It only comes a couple weeks before AnimeNYC, which is sponsored by Crunchyroll. Give the site a 24 hour break all you fans, including me!!

UPDATE Here is Ellation’s Statement: (Parent Company of Crunchyroll)

At 3:30am PST this morning, malicious individuals gained access and altered our Cloudflare configuration. Cloudflare sits between incoming visitors and Crunchyroll, and normally redirects traffic to Crunchyroll servers. The attackers redirected incoming visitors intended for the Crunchyroll.com website to a non-Crunchyroll-hosted server with the intent for visitors to download a malicious file, named “CrunchyViewer.exe.” This file is malware directly targeting Windows PC web users. We took down the site at 6:00am PST as a precaution and were able to re-secure and restore the correct configuration to our Cloudflare service at 9:00am PST. The Crunchyroll service was fully restored by 9:30am. We’ve identified this as an isolated attack on our Cloudflare layer, and not Crunchyroll itself. As such, our servers were not compromised in any way, and none of our users’ secure information and data was at risk. We take security very seriously, and will pursue this malicious attack on our users to the fullest extent of the law. We will continue to provide updates as we gather more information.

If you were a Windows user who downloaded the malware file from 3:30am to 9:00am PST this morning, it is important to take these steps to remove the malware from your system:

If you downloaded but did not run the file, you are not exposed to the effects of this malware.

  • Delete “CrunchyViewer.exe” from your file system
  • As precaution, please perform a scan with an antivirus/anti-malware product

If you downloaded and ran the “CrunchyViewer.exe” application:

  • Delete “CrunchyViewer.exe” from your file system
  • Remove the malicious “Java” Run key (You can find Information on how to edit the Windows Registry in the Microsoft support database if you are unfamiliar with the steps)
  • Open Regedit, and browse to: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
  • Delete the Java key
  • Remove the malicious binary, by navigating to: %appdata%\Roaming (for example: C:\Users\Yourusername\AppData\Roaming\)
  • Delete the ‘svchost.exe’ file
  • Perform a scan with your installed antivirus product

We are providing the above instruction to assist you with the removal of the .exe file. We recommend that you contact Microsoft or other knowledgeable technical support directly for specific questions related to the Windows operating system.

If you have any further questions about your Crunchyroll account, please contact our Customer Support Team: http://www.crunchyroll.com/help?topic=contact

 

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s