Julay.world was down due to an imageboard software crash on 2019-10-30 between 03:30 UTC and 04:45 UTC.
The database was filled with expired captchas. For some reason, the scheduled command to clear the expired captchas in the database was prevented from running. When Lynxchan crashed there were 1,051,459 captchas in the database.
How did this happen?
We are still investigating the cause. We're going to be monitoring the captcha counts in the database over the next couple of days to make sure that this doesn't re-occur. Currently the captcha counts are at normal levels.
Julay.world had to deal with an issue where MongoDB and subsequently Lynxchan would repeatedly crash due to MongoDB hogging almost all available system RAM. This could mean that the scheduled task that was meant to clear captchas may not have been triggered.
Of course it is also possible that a malicious attacker could've repeatedly requested captchas until the database was filled to the brim; however, our findings make this an unlikely case.
Lastly it is possible that an exploit exists in LynxChan to bypass limits on captcha generation.
Response to the incident
We are going to be closely monitoring the captcha expiration scheduling system to make sure it doesn't cause this sort of error again. Other than that, there doesn't seem to be any attack vector right now.
You can verify the authenticity of this message by verifying https://julay.world/.transparency/DOWNTIME-2019-11-30.txt
with the key https://julay.world/.transparency/keys/robi.gpg
Key fingerprint: 5D89833AE72E802E0201DFFBB1C4E0DB8448A3EE