4
submitted 1 year ago by imaginelizard to c/cafe
you are viewing a single comment's thread
view the rest of the comments
[-] Annoyed_Crabby 2 points 1 year ago* (last edited 1 year ago)

Shit, lemmy world got hacked, click on that Israel will lead you to explicit picture of a bunch of naked old man sucking each other, and also pop's up lead to porn site.

Avoid at all cost.

[-] oyenyaaow@lemmy.zip 2 points 1 year ago

is it the lemon party picture?...........feels old.

welcome to pre-rickroll internet.

[-] Annoyed_Crabby 1 points 1 year ago

Ahh, that's what it called, no wonder it's somehow familiar.

[-] zenyet@mitra.076.moe 2 points 1 year ago

https://github.com/LemmyNet/lemmy-ui/issues/1895 has more information on mitigations, which may not be necessary if no custom emojis were added.

it also has something for invalidating all json web tokens by changing the signing key (all users will need to re-login after doing that), which may be necessary depending on whether the tech team believes any of them (especially any of the admin's) have been compromised (there is currently no expiry date on the tokens).

#lemmyworldhacked #fediversedrama

[-] Annoyed_Crabby 1 points 1 year ago

Thanks, i'm giving it a read but i'm not coding literate so may need some time to parse 😂

[-] zenyet@mitra.076.moe 1 points 1 year ago

I also found this lemmy moderation tool (seems to be by the same dev as lemmyverse.net), which the tech team may want to take a look at to see if it's comparable to what you all had on reddit…at least after the security issue thing blows over.

#redditmigration

[-] Annoyed_Crabby 1 points 1 year ago

The team are currently working on the bot though, but thanks for the suggestion 😁

[-] ruk_n_rul 0 points 1 year ago* (last edited 1 year ago)

Goddammit. The fediverse drama continues.

Btw admins it's best that we defederate for the time being.

[-] ruk_n_rul -1 points 1 year ago* (last edited 1 year ago)

https://kbin.social/m/android@lemdro.id/t/168524/Lemmy-world-and-another-instance-have-been-compromised#entry-comment-661712

The linked comment suggests that the entire Lemmy platform is currently vulnerable to the cookie stealing exploit that already happened to several instances.

Now, if only we have automod that could detect code injection in markdown links and tempban offenders...

this post was submitted on 09 Jul 2023
4 points (100.0% liked)

Café

779 readers
1 users here now

Welcome to our virtual third place, The Café.

Come on in and make a new human connection over a cup of coffee (or Teh Tarik). This is a casual community, do whatever you want, share your oyen pics, your frustrations, and even organize a weekend picnic with the community. The world is your oyster.

Rules are simple, be kind and civil with each other. As with any other café, rude patrons will be kicked out.

founded 2 years ago
MODERATORS