4CHAN Gets Hacked, Moderator Identities Potentially Exposed

Some of the leaked email addresses allegedly tied to 4chan moderators and janitors appear to use .edu and .gov domains. This has sparked speculation that certain staff members may be affiliated with academic institutions—or even federal agencies. While talk of federal involvement is gaining traction online, these claims remain unverified. Cybersecurity experts warn against jumping to conclusions without solid proof.

According to reports, the attack appears to be legitimate. Screenshots show the site’s backend infrastructure, moderation tools, and user ban templates — tools only available to site staff like moderators and “janitors.” These users, who have the ability to remove posts and view user IPs, now face doxxing threats after their email addresses were exposed in the leak.

The hacker reportedly exploited a security vulnerability involving 4chan’s PDF upload system. While only certain boards allow PDF uploads — like /gd/, /po/, /qst/, /sci/, and /tg/ — the site failed to check if the uploaded files were actually PDFs. This oversight let attackers upload a malicious PostScript file, which 4chan’s outdated 2012 version of Ghostscript tried to process. That gave the hacker a way in, and from there, they used a flawed suid binary to gain deeper access.

Contrary to early rumors, the hacker says they did not access or leak data from 4chan Pass subscribers — users who pay to bypass CAPTCHA and gain access to exclusive boards. In a post circulating online, the hacker said the breach was “just for fun,” adding, “I didn’t even bother with user data.”

The breach is believed to have originated from Soyjak Party, a spinoff board formed by former /qa/ users. Soyjak Party has a long history of trolling and raiding 4chan, and some users there claimed the hacker had access to 4chan’s systems for over a year.