388
PSA: Lemmy.world has been compromised! (Edit: Multiple Instances are down) (lemmy.ml)
submitted 1 year ago* (last edited 1 year ago) by G59@lemmy.ml to c/fediverse@lemmy.ml
230 comments fedilink hide all child comments

FYI!!! In case you start getting re-directed to porn sites.

Maybe the admin got hacked?

edit: lemmy.blahaj.zone has also been hacked. beehaw.org is also down, possibly intentionally by their admins until the issue is fixed.

Post discussing the point of vulnerability: https://lemmy.ml/post/1896249

Github Issue created here: https://github.com/LemmyNet/lemmy-ui/issues/1895

you are viewing a single comment's thread
view the rest of the comments
[-] CMahaff@lemmy.ml 29 points 1 year ago* (last edited 1 year ago)

My concern is that configuring the site to automatically redirect users sounds like they have pretty large control over the site - the kind of control that I would assume is usually limited to users with root access on the server.

Obviously hope nothing of value is lost and that there is a proper off-site backup of the content.

Edit: See Max-P's comment, it looks like the site redirection was accomplished in a way that IMO suggests they do NOT have full control over the site. We'll obviously have to wait for the full debrief from the admins.

[-] JackbyDev@programming.dev 5 points 1 year ago

If it was just DNS that doesn't mean too much. If it was just DNS it seems to be back up. It's like changing the number in a phone book.

[-] Cube6392@beehaw.org 5 points 1 year ago

It was a JavaScript injection to the site's sidebar and top announcement section

this post was submitted on 10 Jul 2023
388 points (99.2% liked)

Fediverse

17688 readers
2 users here now

A community dedicated to fediverse news and discussion.

Fediverse is a portmanteau of "federation" and "universe".

Getting started on Fediverse;

founded 5 years ago
MODERATORS
deadsuperhero@lemmy.ml
wakest@lemmy.ml