Originally this post was me saying “oh, they refederated us.” They didn’t, they got hacked, lol. We’ve temporarily defederated with lemmy.world on our end (not that they federated with us anyway) until they get their shit back.
All I have to say is
HAHAHAHAHAHAHAHAHAHAHAHA
Went there hoping to see three grandpas getting busy, instead it’s some dude with a cigar… 🤨
EDIT: Looks like they got their page back.
They seem to have changed what happens a couple times.
I’ll refederate them once they make an announcement post or once their sidebar changes from this:
Thanks for this, they’ve been refederated on our end.
aaaand it’s compromised again. at least this time i was able to get the website’s payload before a redirect hit.
EDIT: sidebar has an onload component changing the window location if an item “h” can’t be found on the browser’s local storage:
onload="if(localStorage.getItem(`h`) != `true`){window.location.href = `https://lemmy.world/pictrs/image/7aa772b7-9416-45d1-805b-36ec21be9f66.mp4`}"
edit2: their backend is now down.
Alright, we’ll be defederating with them again. We’ll refederate once it’s clear they have things under control.
I suspect we aren’t high on the targets list. This looks like it’s coming from the edgy part of fedi and we have really relaxed rules here, and we aren’t talking about how “le nazis are at every corner and that it’s only a matter of time until they take over!!1111!!!” every 5s.
In any case, alt created so that I won’t risk my admin user’s session getting hijacked. Sanitize your strings, people.
Thanks for the heads up!
They make it abundantly clear tbf since it redirects you to lemonparty if you access any of their pages.
Not sure what mechanism does it, though. Since it lets me access a thread momentarily and then a few seconds later the redirect kicks on.
Anyways, mfw this happened to an instance that defederated us:
