Security Experts On Popular MangaDex Site Shuts Down Due To Cyberattack

Manga scanlation giant MangaDex has been temporarily shut down after suffering a cyberattack and having its source code stolen. MangaDex is one of the largest manga scanlation (scanned translations) sites where visitors can read manga comics online for free. According to SimilarWeb, MangaDex is the 179th most frequently visited site on the web, with over 76 million visitors per month.

Experts Comments

March 23, 2021
Timothy Chiu
Vice President of Marketing
K2 Cyber Security

In this recent announcement about a vulnerability at MangaDex, a combination of problems led to the loss of data: the company disclosed that session tokens were able to be re-used, a significant application vulnerability, and the threat actor also reported that other RCE vulnerabilities existed in the site (not verified). 

 

If that’s indeed the case, then the site is lacking protection against the types of well known vulnerabilities outlined by the OWASP Top 10 Web Application Security

.....Read More

In this recent announcement about a vulnerability at MangaDex, a combination of problems led to the loss of data: the company disclosed that session tokens were able to be re-used, a significant application vulnerability, and the threat actor also reported that other RCE vulnerabilities existed in the site (not verified). 

 

If that’s indeed the case, then the site is lacking protection against the types of well known vulnerabilities outlined by the OWASP Top 10 Web Application Security Risks.  These vulnerabilities are also addressed by the recent addition of RASP (Runtime Application Self-Protection) to the catalog of tools required by the NIST SP800-53 Security and Privacy Framework updated in September of 2020. 

 

Runtime security for web applications is quickly becoming a must have, rather than a nice to have, with the increase in attacks and data breaches that continue to occur.

  Read Less

Submit Your Expert Comments

What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.

Write Your Expert Comments *
Your Registered Email *
Notification Email (If different from your registered email)
* By using this form you agree with the storage and handling of your data by this web site.