MANILA, Philippines – Anime fans were forced to avoid anime-streaming website Crunchyroll over the weekend following an announcement by the service on Twitter that it had been hijacked to serve malware.

The tweet on the evening of November 4 told users not to access Crunchyroll due to issues with the website, though it did say the app was alright.

ATTENTION ALL CRUNCHYROLL USERS!!

Please DO NOT access our website at the current time. We are aware of the issues and are working on it!!

— Crunchyroll (@Crunchyroll) November 4, 2017

The app is not infected but is down as we are currently working on fixing the website!

— Crunchyroll (@Crunchyroll) November 4, 2017

A Medium post from Ellation, the owner of Crunchyroll, explained what had happened.

According to the post, “At 3:30am PST this morning, malicious individuals gained access and altered our Cloudflare configuration. Cloudflare sits between incoming visitors and Crunchyroll, and normally redirects traffic to Crunchyroll servers.”

As a result, people were being sent to a non-Crunchyroll hosted server that asked viewers to download a malicious file called “CrunchyViewer.exe.”

The file, Ellation wrote, “is malware directly targeting Windows PC web users.” 

Crunchyroll went back to proper operation after approximately 6 hours. 

The attack was isolated to Cloudflare rather than to Crunchyroll’s servers, meaning information on Crunchyroll’s servers was unaffected. 

Crunchyroll posted steps to remove the malware from user PCs on the following blogpost. – Rappler.com