388
submitted 1 year ago* (last edited 1 year ago) by G59@lemmy.ml to c/fediverse@lemmy.ml

FYI!!! In case you start getting re-directed to porn sites.

Maybe the admin got hacked?


edit: lemmy.blahaj.zone has also been hacked. beehaw.org is also down, possibly intentionally by their admins until the issue is fixed.

Post discussing the point of vulnerability: https://lemmy.ml/post/1896249

Github Issue created here: https://github.com/LemmyNet/lemmy-ui/issues/1895

you are viewing a single comment's thread
view the rest of the comments
[-] bootyberrypancakes@lemmywinks.xyz 35 points 1 year ago* (last edited 1 year ago)

lemmy.blahaj.zone got hacked too, looks like the same people

https://lemmywinks.xyz/post/320087

[-] james@lurk.fun 27 points 1 year ago

They also changed the allowed/blocked instances to allow threads.net and defederate lemmy.ml, just like they did on lemmy.world: https://lemmy.blahaj.zone/instances

[-] Candelestine@lemmy.ca 18 points 1 year ago

Huh... so this probably is more sophisticated than a single acct breach then. Lovely.

[-] bootyberrypancakes@lemmywinks.xyz 16 points 1 year ago

Yeah, I'd recommend any server admin that doesn't have 2FA turn it on ASAP until we know what their exploiting

[-] bdonvr@thelemmy.club 8 points 1 year ago

Looks like the accounts were compromised by stealing their cookie - something 2FA can't stop.

Still should have it on, though.

blahaj admins are aware and have the site down with a splash screen now

[-] RoundSparrow@lemmy.ml 5 points 1 year ago* (last edited 1 year ago)

Yup they must of just put that up after I posted and @ the admins

this post was submitted on 10 Jul 2023
388 points (99.2% liked)

Fediverse

17688 readers
2 users here now

A community dedicated to fediverse news and discussion.

Fediverse is a portmanteau of "federation" and "universe".

Getting started on Fediverse;

founded 5 years ago
MODERATORS