Soyjak Party

Also known assoyjak_party

Soyjak Party, also referred to as The Party, is a hacker collective publicly linked in the provided reporting to the April 2025 compromise of 4chan. The group claimed responsibility for infiltrating 4chan’s systems and stated it could leak site code and personal information relating to staff. Reporting cited claims that the group published screenshots allegedly showing access to 4chan administrative panels, moderation tools, ban templates, internal staff tools, and email addresses said to belong to administrators, moderators, and janitors. The group also allegedly restored and defaced the /qa/ board. A member identified as “Chud” claimed the operation was called “soyclipse” and asserted that access to 4chan had been maintained for more than a year, though the reporting notes these claims were not fully independently verified. Some exposed moderators reportedly confirmed to TechCrunch that leaked data was authentic, and reporting stated attackers also accessed personal data of paid 4chan Pass subscribers. The content does not attribute Soyjak Party to any nation state. Known aliases directly mentioned in the content are Soyjak Party and The Party.

Are they targeting you?

Know when an actor pivots toward your sector

Mallory correlates actor tradecraft and target patterns against your stack, your sector, and your geography. See overlap before they land.

Start free trial

OPERATIONAL PROFILE

Targeting

Who, where, and (when attributed) which flag flies behind the operation. Pulled from open-source reporting and Mallory's analyst review.

Who they target

Sectors the actor has been observed targeting.

Media & Entertainment

MITRE ATT&CK

Tradecraft

5 distinct techniques observed across reporting, grouped by tactic. Hover any cell for the evidence excerpt; click through for MITRE's full description.

7 of 15 tactics8 techniques×N= number of intelligence reports citing this technique

MITRE ATT&CK

TA0001

Initial Access

2 techniques

T1078

Valid Accounts

T1190

Exploit Public-Facing Application

TA0003

Persistence

1 technique

T1078

Valid Accounts

TA0004

Privilege Escalation

1 technique

T1078

Valid Accounts

TA0005

Stealth

1 technique

T1078

Valid Accounts

TA0009

Collection

1 technique

T1213

Data from Information Repositories

TA0010

Exfiltration

1 technique

T1537

Transfer Data to Cloud Account

TA0040

Impact

1 technique

T1491

Defacement

ACTIVITY FEED

Recent activity

2 sources tracked across advisories, community write-ups, and news. New activity surfaces here as Mallory finds it.

2 SOURCESView more in app

xakepNews

Apr 16, 2025

4chan вышел из строя из-за масштабной атаки - Хакер

Claimed responsibility for the compromise of 4chan, including access to administrative panels, reopening and defacing /qa/, leaking staff personal data, and publishing site source code.

ny daily newsNews

Apr 15, 2025

Soyjak Party takes credit for hacking 4chan platform

Claimed intrusion into 4chan’s systems, alleging compromise of site code and staff personal information and asserting the administrators took the site offline to mitigate damage.

What this page doesn’t show

The version that knows your environment.

This page is what’s public. Mallory adds the parts that aren’t: sector and geo overlap with your footprint, the IOCs they’re burning right now, detection coverage, and what to do next.

Start free trial

Target overlap

Match sector + geo + tech-stack targeting against your real footprint.

Tradecraft mapping5

Every observed MITRE ATT&CK technique, grouped by tactic.

Malware arsenal

Families this actor is known to deploy, with IOCs and behavior.

Exploited CVEs

CVEs this actor has used in known campaigns.

Detection signatures

YARA, Sigma, Snort, and vendor rules, auto-deployed to your SIEM.

Observables

Domains, IPs, and hashes tied to this actor, refreshed continuously.