this post was submitted on 10 Jul 2023
submitted 2 years ago* (last edited 2 years ago) by [email protected] to c/[email protected]
 

PSA: DO NOT ATTEMPT TO ACCESS LEMMY.WORLD, THERE MIGHT BE MALWARE

Lemmy.world member here. I created this account after .world started redirecting me to porn sites and odd mp3 files. We might want to defederate to limit the potential impact. Also, SJW might be affected by the same vulnerabilities as .world, so maybe the admins here should look at that.

Edit: ~~Situation seems to have stabilized. Some site icons aren't loading, but otherwise everything seems stable.~~ Read Edit2

Edit2: ~~HOLY SHIT IT'S BACK~~ Read Edit3

Edit3: ~~lemmy.world is now down as of 10:56 PM CST (USA)~~ Read Edit4

Edit4: lemmy.world is now up, but serving an error as of 11:03 CST (USA). See a screenshot of this error. I also got logged out, hopefully it doesn't mean they just wiped the databases lol.

Edit5: Edit4 still applies, but I can now access lemmy.world via Memmy on my phone. Wefwef (Voyager now) does not work, however. Timestamp: 11:34 PM CST (USA)

Edit6: lemmy.world restored. Compromised admin account said something in a weird post. I'm going to bed now, my brain is play-dough rn. Will update you guys tomorrow morning.

[–] [email protected] 1 points 2 years ago (1 children)

What's the impact for other instance users?

None? lemmy.world was down during the night and is fixed this morning, that's it?

Is there a risk that interactions with lemmy.world are leaked, including potential "personal data"?

Is there a risk that smarter hackers could use the breach to access the DB behind some Lemmy instances without anybody noticing it?

[–] [email protected] 1 points 2 years ago

Lemmy.world was defaced last night. As far as I know, there is no DB breach. An XSS vulnerability was abused to steal the cookies of an admin account.

[–] [email protected] 0 points 2 years ago (1 children)

I still can't log into it.

[–] [email protected] 0 points 2 years ago (1 children)

Same for me. Would like to get 2FA turned on.

[–] [email protected] -2 points 2 years ago

I doubt 2FA would've helped in this situation since those assholes had access to the admin accounts and their server. I don't know. Good thing I'm signed up to another instance.
