this post was submitted on 10 Jul 2023
477 points (99.2% liked)

Fediverse

17776 readers
41 users here now

A community dedicated to fediverse news and discussion.

Fediverse is a portmanteau of "federation" and "universe".

Getting started on Fediverse;

founded 5 years ago
MODERATORS
 

FYI!!! In case you start getting re-directed to porn sites.

Maybe the admin got hacked?


edit: lemmy.blahaj.zone has also been hacked. beehaw.org is also down, possibly intentionally by their admins until the issue is fixed.

Post discussing the point of vulnerability: https://lemmy.ml/post/1896249

Github Issue created here: https://github.com/LemmyNet/lemmy-ui/issues/1895

you are viewing a single comment's thread
view the rest of the comments
[–] bootyberrypancakes@lemmywinks.xyz 37 points 1 year ago* (last edited 1 year ago) (4 children)

lemmy.blahaj.zone got hacked too, looks like the same people

https://lemmywinks.xyz/post/320087

[–] james@lurk.fun 28 points 1 year ago

They also changed the allowed/blocked instances to allow threads.net and defederate lemmy.ml, just like they did on lemmy.world: https://lemmy.blahaj.zone/instances

[–] Candelestine@lemmy.ca 20 points 1 year ago (1 children)

Huh... so this probably is more sophisticated than a single acct breach then. Lovely.

[–] bootyberrypancakes@lemmywinks.xyz 17 points 1 year ago (1 children)

Yeah, I'd recommend any server admin that doesn't have 2FA turn it on ASAP until we know what their exploiting

[–] bdonvr@thelemmy.club 11 points 1 year ago

Looks like the accounts were compromised by stealing their cookie - something 2FA can't stop.

Still should have it on, though.

blahaj admins are aware and have the site down with a splash screen now

[–] RoundSparrow@lemmy.ml 6 points 1 year ago* (last edited 1 year ago) (1 children)

Yup they must of just put that up after I posted and @ the admins