Lemmy.eus
  • Communities
  • Create Post
  • Create Community
  • heart
    Support Lemmy
  • search
    Search
  • Login
  • Sign Up
G59@lemmy.ml to Fediverse@lemmy.mlEnglish ·
edit-2
2 years ago

PSA: Lemmy.world has been compromised! (Edit: Multiple Instances are down)

message-square
message-square
244
fedilink
480
message-square

PSA: Lemmy.world has been compromised! (Edit: Multiple Instances are down)

G59@lemmy.ml to Fediverse@lemmy.mlEnglish ·
edit-2
2 years ago
message-square
244
fedilink

FYI!!! In case you start getting re-directed to porn sites.

Maybe the admin got hacked?

edit: lemmy.blahaj.zone has also been hacked. beehaw.org is also down, possibly intentionally by their admins until the issue is fixed.

Post discussing the point of vulnerability: https://lemmy.ml/post/1896249

Github Issue created here: https://github.com/LemmyNet/lemmy-ui/issues/1895

  • bootyberrypancakes@lemmywinks.xyz
    link
    fedilink
    English
    arrow-up
    37    ·
    edit-2
    2 years ago

    lemmy.blahaj.zone got hacked too, looks like the same people

    https://lemmywinks.xyz/post/320087

    • james@lurk.fun
      link
      fedilink
      English
      arrow-up
      29      ·
      2 years ago

      They also changed the allowed/blocked instances to allow threads.net and defederate lemmy.ml, just like they did on lemmy.world: https://lemmy.blahaj.zone/instances

    • Candelestine@lemmy.ca
      link
      fedilink
      English
      arrow-up
      22
      arrow-down
      2      ·
      2 years ago

      Huh… so this probably is more sophisticated than a single acct breach then. Lovely.

      • bootyberrypancakes@lemmywinks.xyz
        link
        fedilink
        English
        arrow-up
        17        ·
        2 years ago

        Yeah, I’d recommend any server admin that doesn’t have 2FA turn it on ASAP until we know what their exploiting

        • bdonvr@thelemmy.club
          link
          fedilink
          English
          arrow-up
          11          ·
          2 years ago

          Looks like the accounts were compromised by stealing their cookie - something 2FA can’t stop.

          Still should have it on, though.

    • bootyberrypancakes@lemmywinks.xyz
      link
      fedilink
      English
      arrow-up
      8      ·
      2 years ago

      blahaj admins are aware and have the site down with a splash screen now

    • RoundSparrow@lemmy.ml
      link
      fedilink
      English
      arrow-up
      6      ·
      edit-2
      2 years ago

      Links to this video: https://www.youtube.com/watch?v=Z1K4BUtHsO4

      • bootyberrypancakes@lemmywinks.xyz
        link
        fedilink
        English
        arrow-up
        6        ·
        2 years ago

        Yup they must of just put that up after I posted and @ the admins

Fediverse@lemmy.ml

fediverse@lemmy.ml

Subscribe from Remote Instance

Create a post
You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !fediverse@lemmy.ml

A community dedicated to fediverse news and discussion.

Fediverse is a portmanteau of “federation” and “universe”.

Getting started on Fediverse;

  • What is the fediverse?
    • Short ver.
    • Full ver.
  • Fediverse Platforms
  • How to run your own community
Visibility: Public
globe

This community can be federated to other instances and be posted/commented in by their users.

  • 13 users / day
  • 172 users / week
  • 481 users / month
  • 2.86K users / 6 months
  • 14 local subscribers
  • 19.4K subscribers
  • 1.47K Posts
  • 15.9K Comments
  • Modlog
  • mods:
  • Sean Tilley@lemmy.ml
  • wakest@lemmy.ml
  • BE: 0.19.7
  • Modlog
  • Instances
  • Docs
  • Code
  • join-lemmy.org