this post was submitted on 10 Jul 2023
483 points (99.2% liked)

Fediverse

17776 readers
38 users here now

A community dedicated to fediverse news and discussion.

Fediverse is a portmanteau of "federation" and "universe".

Getting started on Fediverse;

founded 5 years ago
MODERATORS
 

FYI!!! In case you start getting re-directed to porn sites.

Maybe the admin got hacked?


edit: lemmy.blahaj.zone has also been hacked. beehaw.org is also down, possibly intentionally by their admins until the issue is fixed.

Post discussing the point of vulnerability: https://lemmy.ml/post/1896249

Github Issue created here: https://github.com/LemmyNet/lemmy-ui/issues/1895

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 37 points 1 year ago* (last edited 1 year ago) (4 children)

lemmy.blahaj.zone got hacked too, looks like the same people

https://lemmywinks.xyz/post/320087

[–] [email protected] 29 points 1 year ago

They also changed the allowed/blocked instances to allow threads.net and defederate lemmy.ml, just like they did on lemmy.world: https://lemmy.blahaj.zone/instances

[–] [email protected] 20 points 1 year ago (1 children)

Huh... so this probably is more sophisticated than a single acct breach then. Lovely.

[–] [email protected] 17 points 1 year ago (1 children)

Yeah, I'd recommend any server admin that doesn't have 2FA turn it on ASAP until we know what their exploiting

[–] [email protected] 11 points 1 year ago

Looks like the accounts were compromised by stealing their cookie - something 2FA can't stop.

Still should have it on, though.

[–] [email protected] 8 points 1 year ago

blahaj admins are aware and have the site down with a splash screen now

[–] [email protected] 6 points 1 year ago* (last edited 1 year ago) (1 children)
[–] [email protected] 6 points 1 year ago

Yup they must of just put that up after I posted and @ the admins