Crunchyroll website hack tried to infect visitors with malware (updated)

Jon Fingas

Hacks that target major websites are nothing new, but Crunchyroll just suffered a particularly vicious attack. The anime streaming service was compromised for hours on November 4th after intruders planted a fake home page that pushed a malicious "CrunchyViewer" program to visitors. If Windows users were trusting enough to launch the file, it installed a mysterious background process that likely affected their systems. Mobile users were safe, although Crunchyroll noted that they weren't functional simply because the web team was fixing the website.

It's not certain just what happened or who was responsible. We've asked Crunchyroll for details and will let you know if it has more to share. It's evident that the site was deliberately targeted, though, and the perpetrators caught the site off-guard. As Customer Support Lead Nate Ming put it, the hack was the "first thing" some on the team woke up to in the morning. And the timing was definitely less than ideal if you were a viewer -- you may have received a rude surprise if you spend Saturdays catching up on Dragon Ball or Attack on Titan.

Update: Crunchyroll's parent company Ellation has explained what happened. Intruders managed to hijack and control the company's Cloudflare configuration, which normally redirects traffic to Crunchyroll. They steered it to the rogue server hosting the malware. Thankfully, it was an "isolated attack" -- it targeted Cloudflare, but not the actual website. If you have a Crunchyroll account, it's safe and sound.

If you downloaded that executable? You're not necessarily in trouble. You're fine if you didn't run the hostile program. If you did, you can manually remove the rogue files and registry entries. The team hasn't identified a perpetrator, but it's still hours after the attack; more definitive answers will likely take some time.

Crunchyroll (Twitter 1), (2), Nate Ming (Twitter)

  • This article originally appeared on Engadget.