We quietly defederated temporarily earlier because lemmy.world seemed to be compromised earlier in some way, but then it was fixed. Now it’s happened again. Unsure what is going on over there but there isn’t much use speculating. They have been dealing with weird redirects to shock sites like lemonparty (throwback). Whoever has compromised them seems to have some early 2010s internet sense of humor I guess.

Anyway, once they have things under control and an announcement is made we will refederate ASAP. For the time being, please avoid going to their homepage for the time being as we have no idea what the nature of the compromise of their site is and to what extent.

EDIT: seems lemmy.blahaj.zone just was as well. :(

    • gavi@lemmynsfw.comOPM
      link
      fedilink
      English
      arrow-up
      7
      ·
      1 year ago

      I am hopeful their site admins will get it under control and be transparent about what happened when they are able to. It’s unfortunate though that it’s happening in the first place.

  • OreganoChampion
    link
    fedilink
    English
    arrow-up
    9
    ·
    1 year ago

    Admin alt of one of the mods of Mildly Infuriating.

    It may have something to do with this message I got:

    If I could hazard a guess. Maybe a login token theft, so the hacker has access to an admins account or multiple.

    • gavi@lemmynsfw.comOPM
      link
      fedilink
      English
      arrow-up
      3
      ·
      1 year ago

      It seems to have spread to lemmy.blahaj.zone. Will add them if more come :( This sucks man.

      • jack@lemmynsfw.com
        link
        fedilink
        English
        arrow-up
        2
        ·
        1 year ago

        I was on blahaj and didn’t notice the redirects? What are you seeing or hearing?

  • Candelestine@lemmy.ca
    link
    fedilink
    English
    arrow-up
    1
    ·
    edit-2
    1 year ago

    XSS vulnerability on the sidebar. There’s some threads starting to pop up about it.

    • wowow@lemmynsfw.com
      link
      fedilink
      English
      arrow-up
      2
      ·
      1 year ago

      The attackers would’ve been able to get the token used to login but not your password from a vulnerability with custom emoji. Lemmy.world rotated their JWT secret so all logins are invalidated and the vulnerability has been patched. Should be just fine.

    • gavi@lemmynsfw.comOPM
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      We are unsure at this time. Just change any passwords you have that may be the same as what is on that instance just in case.