G59@lemmy.ml to Fediverse@lemmy.mlEnglish · edit-21 year agoPSA: Lemmy.world has been compromised!message-squaremessage-square207fedilinkarrow-up1348file-text
arrow-up1348message-squarePSA: Lemmy.world has been compromised!G59@lemmy.ml to Fediverse@lemmy.mlEnglish · edit-21 year agomessage-square207fedilinkfile-text
minus-squarebootyberrypancakes@lemmywinks.xyzlinkfedilinkEnglisharrow-up10·edit-21 year agolemmy.blahaj.zone got hacked too, looks like the same people https://lemmywinks.xyz/post/320087
minus-squarejames@lurk.funlinkfedilinkEnglisharrow-up12·1 year agoThey also changed the allowed/blocked instances to allow threads.net and defederate lemmy.ml, just like they did on lemmy.world: https://lemmy.blahaj.zone/instances
minus-squareCandelestine@lemmy.calinkfedilinkEnglisharrow-up8·1 year agoHuh… so this probably is more sophisticated than a single acct breach then. Lovely.
minus-squarebootyberrypancakes@lemmywinks.xyzlinkfedilinkEnglisharrow-up9·1 year agoYeah, I’d recommend any server admin that doesn’t have 2FA turn it on ASAP until we know what their exploiting
minus-squarebdonvr@thelemmy.clublinkfedilinkEnglisharrow-up11·1 year agoLooks like the accounts were compromised by stealing their cookie - something 2FA can’t stop. Still should have it on, though.
minus-squarebootyberrypancakes@lemmywinks.xyzlinkfedilinkEnglisharrow-up3·1 year agoblahaj admins are aware and have the site down with a splash screen now
minus-squareRoundSparrow@lemmy.mllinkfedilinkEnglisharrow-up1·edit-21 year ago Links to this video: https://www.youtube.com/watch?v=Z1K4BUtHsO4
minus-squarebootyberrypancakes@lemmywinks.xyzlinkfedilinkEnglisharrow-up1·1 year agoYup they must of just put that up after I posted and @ the admins
lemmy.blahaj.zone got hacked too, looks like the same people
https://lemmywinks.xyz/post/320087
They also changed the allowed/blocked instances to allow threads.net and defederate lemmy.ml, just like they did on lemmy.world: https://lemmy.blahaj.zone/instances
Huh… so this probably is more sophisticated than a single acct breach then. Lovely.
Yeah, I’d recommend any server admin that doesn’t have 2FA turn it on ASAP until we know what their exploiting
Looks like the accounts were compromised by stealing their cookie - something 2FA can’t stop.
Still should have it on, though.
blahaj admins are aware and have the site down with a splash screen now
Links to this video: https://www.youtube.com/watch?v=Z1K4BUtHsO4
Yup they must of just put that up after I posted and @ the admins