The notorious imageboard 4chan is down following what appears to be a major hack of its backend. The hackers claim to have exposed code for the site, the emails of moderators, and a list of mod communications. This happened, it seems, as part of a five year long, inter-image board beef between users of 4chan and Soyjak, another image board that splintered off of 4chan.
It’s still unclear what the fallout of the hack will be, but the notorious image board remains down and a huge amount of data appears to have been leaked.
Users struggled to load 4chan on the evening of April 14, 2025, according to posts on other imageboards and forums. A few hours before that, the banned board /qa/ reappeared on the site and someone using the hiroyuki account, named after 4chan’s owner Hiroyuki Nishimura, posted “FUCKING LMAO” and “U GOT HACKED XD.
The hiroyuki account was flagged in bold red as an admin, suggesting the person posting the messages had control over a real admin account. /qa/ was a “questions and answer” imageboard on 4chan. Pitched as a place to discuss concerns that affected the whole of 4chan, /qa/ was in practice a board where various factions fought.
Soyjak is a popular meme you’ve probably seen before. It’s a balding man with glasses and shaggy beard, his mouth agape in docile joy. He is now the name of a rival imageboard.
At about the same time 4chan struggled to load, someone on the soyjak.st posted a thread that claimed to explain what happened. “Tonight has been a very special night for many of us at the soyjak party,” the thread said. “Today, April 14, 2025, a hacker who has been in 4cuck’s system for over a year, executed the true operation soyclipse, reopening /qa/, exposing personal information of various 4cuck staff, and leaking code from the site.”
The thread shared images of the resurrected and defaced /qa/ board as well as what appear to be screenshots from 4chan’s internal moderation tools. The screenshots included discussion about why users had been banned from 4chan, pieces of its backend in phpMyAdmin (the infrastructure that runs 4chan and other forums and imageboards), and traffic stats for specific boards.
Elsewhere on the internet, someone leaked an alleged list of moderator email addresses and a portion of what they described as the “source code” for the site. 404 Media reached out to an email in the leaked list that appeared to be for Nishimura but did not hear back.
It appears that 4chan was susceptible to a hack because it was running very out of date code that contained various vulnerabilities, according to 404 Media’s look at the code and people sorting through the hack online.
So 4chan very likely got hacked because they were running on an extremely out of date version of PHP that has a lot of vulnerabilities and exploits and are using deprecated function to interact with there MySQL database.
Web security 101: Keep your code and software up to date. pic.twitter.com/JFDOsbr5rt
— Yushe (@_yushe) April 15, 2025
That starts to answer the question of how this happened. But why did it happen? This all has roots in a five year old meme fight.
Soyjak.party, the site where a user began posting about the 4chan hack, was an offshoot of 4chan created as a joke about five years ago. Besides being a general cesspool,
4chan has long been a place that incubates memes. lolcats, the NavySeal copypasta, and Pepe the Frog grew and spread on 4chan’s imageboards. From time to time a meme is overplayed or spammed and mods on the site get tired of it.
Five years ago, users spammed the /qa/ board with soyjaks. Unable to quash the tide of soyfaced jpegs, 4chan shut down the entire /qa/ board. The soyajk loving exiles of 4chan started a new site called soyjak.party where they could craft open mouthed soyboy memes to their heart’s content. When 4chan was hacked on the night of April 14, the /qa/ board briefly returned. “/QA/ RETURNS SOYJAK.PARTY WON” read a banner image at the top of the board.
As of this writing, 4chan is still down. When you attempt to access a specific board, the connection times out. “The initial connection between Cloudflare's network and the origin web server timed out. As a result, the web page can not be displayed,” the error page says.
I self-host open source software, pay for services that I don't want to host (email, etc) and I prefer buying things to subscribing/renting things. I experience far less enshittification than most as a result.