53
submitted 1 year ago* (last edited 1 year ago) by LillianVS@lemmy.world to c/mildlyinfuriating@lemmy.world

cross-posted from: https://lemmy.world/post/1287053

Be alert. Please do not launch a new tab of Lemmy.World. Having tabs already open with this site is fine, but as soon as you do you will be bombarded with awful content with malicious intent to cause shock, disgust and distress.

In the meantime use alternative instances, other instances are not affected by this compromise. Do not open any links/posts from the user MichelleG.

Thanks for reading, please stay safe out there Lemmy users!

Update: Lemmy World is under attack again.

Update: I am not a super code-literate person so bear with me on this... But still, please be careful. There appears to be a vulnerability.

Users are posting images like the following:

https://imgur.com/a/RS4iAeI

And hidden inside is JavaScript code that, when executed, can take cookie information and send it to a URL address.

Among other things. At this time if you see an image please click the icon circled before clicking the link. If you see anything suspicious, please report it immediately. It is better a false report than a missed one.
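The post describes images whose markup hid JavaScript that read cookies. The defender-side control for any site that renders user-supplied HTML is an allowlist sanitizer: only known tags and attributes survive, every `on*` event-handler attribute is dropped, `javascript:` and `data:` URLs are refused, and `<script>` elements vanish together with their contents. The Python below is an added example written for this page, not Lemmy's code; the tag/attribute policy, the `pics.example` host and the sample markup are constructed for the demo, and the `findings` list exists so a moderator can see why something was stripped.

```python
"""Allowlist sanitizer for user-submitted post markup.
Added example for this thread, not Lemmy's code. The tag/attribute policy,
the pics.example host and the sample markup are constructed for the demo."""
from html import escape
from html.parser import HTMLParser
from urllib.parse import urlparse

# Tags a post may contain, with the attributes each one may keep (assumed policy).
ALLOWED = {
    "p": set(), "br": set(), "strong": set(), "em": set(), "code": set(),
    "a": {"href", "title"},
    "img": {"src", "alt", "title"},
}
URL_ATTRS = {"href", "src"}
SAFE_SCHEMES = {"http", "https", ""}   # "" covers relative URLs
VOID = {"br", "img"}                   # no closing tag is emitted for these


class Sanitizer(HTMLParser):
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.out = []
        self.findings = []   # (reason, tag, attr, value) for moderator review
        self._skip = 0       # > 0 while inside a dropped <script>/<style>

    def handle_starttag(self, tag, attrs):
        if tag not in ALLOWED:
            self.findings.append(("disallowed tag", tag, None, None))
            if tag in ("script", "style"):
                self._skip += 1        # drop the element's text content too
            return
        kept = []
        for name, value in attrs:      # HTMLParser lowercases names, decodes entities
            value = value or ""
            if name.startswith("on"):
                self.findings.append(("event handler", tag, name, value))
            elif name not in ALLOWED[tag]:
                self.findings.append(("disallowed attribute", tag, name, value))
            elif name in URL_ATTRS and urlparse(value.strip()).scheme.lower() not in SAFE_SCHEMES:
                self.findings.append(("unsafe url scheme", tag, name, value))
            else:
                kept.append(f' {name}="{escape(value, quote=True)}"')
        self.out.append(f"<{tag}{''.join(kept)}>")

    def handle_startendtag(self, tag, attrs):
        self.handle_starttag(tag, attrs)   # <img .../>, <br/>

    def handle_endtag(self, tag):
        if tag in ("script", "style") and self._skip:
            self._skip -= 1
        elif tag in ALLOWED and tag not in VOID:
            self.out.append(f"</{tag}>")

    def handle_data(self, data):
        if not self._skip:
            self.out.append(escape(data))   # text is always re-escaped, never passed raw
    # comments and processing instructions are dropped by the default handlers


def sanitize(markup: str):
    """Return (safe_html, findings); findings is empty for clean input."""
    s = Sanitizer()
    s.feed(markup)
    s.close()
    return "".join(s.out), s.findings


# Constructed sample: a harmless-looking image with an event handler attached,
# a javascript: link, and a stray <script> element.
SAMPLE = ('<p>look <img src="https://pics.example/cat.png" alt="cat" onload="leak()">'
          ' <a href="javascript:void(0)">here</a></p><script>x()</script>')

if __name__ == "__main__":
    html, findings = sanitize(SAMPLE)
    print(html)
    for f in findings:
        print("flag:", f)
```

Sanitizing at render time is one layer; the other is marking the session cookie `HttpOnly`, so that script which does manage to run in the page still cannot read it, which is the difference between a defacement and a session theft.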

top 35 comments
[-] AlmightySnoo@lemmy.world 13 points 1 year ago* (last edited 1 year ago)

looks like we survived the gay porn attack

[-] axtualdave@lemmy.world 8 points 1 year ago

The worst part was it wasn't even good gay porn.

[-] malloc@lemmy.world 8 points 1 year ago

Updating profile with “I survived 🍋 🎉 of July 2023”

[-] Spec_OpsFive@lemmy.world 6 points 1 year ago

We back in business now :)

[-] LillianVS@lemmy.world 5 points 1 year ago

It is concerning as I have received a message from a compromised admin 1 hour ago telling me that an app developer wanted me to help them with mod tools.

Hard to know if this is genuine or not, but given what has happened I am going with an attempt at breaching my account.

[-] hawkwind@lemmy.management 2 points 1 year ago

That is actually kind of fascinating and may be important info for someone doing a follow-up investigation. If that was the bad actor phishing for moderation access, why would they need that, when they already had an admin account? If it was legit, then it's super sus. Whoever this app developer was needs to have a little light shone on them.

[-] LillianVS@lemmy.world 2 points 1 year ago

Could be where the DM from the admin was legitimate but got compromised following contact by this app developer.

It is also possible nothing of the sort happened. The timing was just extremely alarming.

[-] Tygr@lemmy.world 5 points 1 year ago

This is all part of growing pains on a new admin suddenly owning the top lemmy instance because they knew a little bit about branding.

As I’ve said before, I’m giving the admin a couple months and I feel they’ve done a fantastic job already.

[-] artistan@lemmy.world 3 points 1 year ago

Going through an app also prevents the awful redirects.

[-] malloc@lemmy.world 2 points 1 year ago

Speaking of apps. Seems like this is a possible attack vector.

Maybe a malicious actor copies code of one of the popular apps (Voyager/wefwef), adds code to extract JWT token or whatever auth token, gathers list of high value targets (admins / mods of large instances or communities), then hijacks instance.

Very easily could have been much worse. On the flip side, glad it was just a script kiddie.

[-] hawkwind@lemmy.management 3 points 1 year ago* (last edited 1 year ago)

I think this carrying on without providing more information is reckless. Does an actual admin from this instance really know what happened or are you just taking a bunch of random commentary and speculation as gospel then telling the users "we're good."

[-] LillianVS@lemmy.world 17 points 1 year ago* (last edited 1 year ago)

I am a moderator of this community, not an admin of Lemmy.World.

I know about as much as you. The difference is I have been spending time researching and discussing findings with other mods rather than sleeping which is what I should be doing.

I found critical information that I thought important to share. That is all there is to it. If you do not feel safe using Lemmy.World you should login to another instance.

The owners of Lemmy.World are also in the EU so are likely still asleep or awake and trying to figure this shit out.

[-] hawkwind@lemmy.management 6 points 1 year ago

TBF, at least you're doing something.

[-] hawkwind@lemmy.management -5 points 1 year ago

You do you. I would tell my users I have no idea what's going on, and definitely not say "using your open tabs is probably fine."

[-] LillianVS@lemmy.world 7 points 1 year ago

The attack involved a redirect that only affected pages that were freshly opened. If you had tabs that were opened before the attack no redirects happened, no malicious URLs of the sort. It showed the website as it was normal.

That statement was in fact true. The attack only happened when you opened a new tab of Lemmy.World.

[-] dave@feddit.uk 1 points 1 year ago

What happens if you refresh said tab?

[-] MargotRobbie@lemmy.world 3 points 1 year ago

Let this be a lesson to all. Use long passwords with a password manager to deter brute force attacks. Use 2FA for your account. It's security 101.

[-] baronvonj@lemmy.world 3 points 1 year ago

The Lemmy 2FA has some compatibility issues and doesn't verify you have working tokens.

https://lemmy.eus/post/190738

https://github.com/LemmyNet/lemmy/issues/3309
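The linked issue is that 2FA could be switched on without the user ever proving they held a working token, which locks out anyone whose authenticator was never set up correctly. The Python below is an added example, not Lemmy's code: the new secret stays pending until a code generated from it verifies, and only then becomes the enforced factor. `totp()` follows RFC 6238 (HMAC-SHA1, 30-second step, 6 digits); the `Account` class, its method names and `enable_unverified()` (the flawed pattern, kept for contrast) are assumptions made for the demo.

```python
"""TOTP enrollment that only activates the second factor after the user has
produced a valid code. Added example for this thread, not Lemmy's code; the
Account class and its method names are assumptions made for the demo."""
import base64
import hashlib
import hmac
import secrets
import struct
import time

STEP = 30      # RFC 6238 time step in seconds
DIGITS = 6
WINDOW = 1     # accept one step of clock drift either way


def totp(secret_b32: str, at: float) -> str:
    """RFC 6238 TOTP (HMAC-SHA1) for a base32 secret at Unix time `at`."""
    key = base64.b32decode(secret_b32, casefold=True)
    counter = struct.pack(">Q", int(at) // STEP)
    mac = hmac.new(key, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                                   # dynamic truncation
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return f"{code % 10 ** DIGITS:0{DIGITS}d}"


def verify_code(secret_b32: str, code: str, now: float) -> bool:
    """Constant-time compare against the current step and its neighbours."""
    return any(
        hmac.compare_digest(totp(secret_b32, now + drift * STEP), code)
        for drift in range(-WINDOW, WINDOW + 1)
    )


class Account:
    def __init__(self):
        self.totp_secret = None      # enforced at login once set
        self.pending_secret = None   # issued to the user, not yet proven

    def begin_enrollment(self, secret_b32=None) -> str:
        """Issue a fresh secret (a real UI shows it as a QR code) without
        enabling anything. `secret_b32` exists only for deterministic tests."""
        self.pending_secret = secret_b32 or base64.b32encode(
            secrets.token_bytes(20)).decode()
        return self.pending_secret

    def confirm_enrollment(self, code: str, now=None) -> bool:
        """Promote the pending secret only if the user proves it works."""
        now = time.time() if now is None else now
        if self.pending_secret is None or not verify_code(self.pending_secret, code, now):
            return False
        self.totp_secret, self.pending_secret = self.pending_secret, None
        return True

    def two_factor_enabled(self) -> bool:
        return self.totp_secret is not None

    def enable_unverified(self):
        """The flawed pattern the linked issue describes: 2FA is switched on at
        the first click, with no proof the user's app produces matching codes."""
        self.totp_secret = self.begin_enrollment()
        self.pending_secret = None


if __name__ == "__main__":
    acct = Account()
    secret = acct.begin_enrollment()
    print("scan this secret, then enter the current code:", secret)
    print("accepted:", acct.confirm_enrollment(totp(secret, time.time())))
```

With the RFC 6238 test-vector secret, `totp()` yields 287082 at t=59, and `confirm_enrollment` with any other code leaves `two_factor_enabled()` false. Keep `pending_secret` server-side with a short expiry rather than trusting the client to hold it.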

[-] Keltozak@feddit.de 2 points 1 year ago

Still better than no 2fa at all. And these bugs will get fixed in the future, so why not use it now already?

[-] MargotRobbie@lemmy.world 1 points 1 year ago

Interesting. That does present a serious issue then.

[-] AFKBRBChocolate@lemmy.world 3 points 1 year ago

Why the hell do people have to be complete assholes? I had just clicked a link and got all the crap, then couldn't go to the homepage or any of the posts in my history. I thought I got a virus until I tried it on my other device.

Honestly should be just as illegal as vandalism.

[-] LillianVS@lemmy.world 3 points 1 year ago

I mean it kinda is, the hacker exposed potential children to p*rnographic content.

[-] STRIKINGdebate2@lemmy.world 2 points 1 year ago

Update: Things seem to be calm at the moment. If there are any updates please inform me.

[-] Candelestine@lemmy.world 2 points 1 year ago

I'm checking on mobile web browser atm, everything seems fine.

[-] LillianVS@lemmy.world 6 points 1 year ago

Things are slowly getting restored, the mod that was compromised has been removed. Hopefully nothing more happens. I'll unpin this post as soon as I am 100% sure on that though.

[-] Candelestine@lemmy.world 3 points 1 year ago

Thanks for helping take care of it, that was a pretty quick response from you guys. I'm betting the talk for the next day is gonna be all about 2FA. lol

[-] elk_1337@lemmy.world 2 points 1 year ago

The home page seems to be operating normalish now

[-] wetnoodle@sh.itjust.works 1 points 1 year ago

lemmy.blahaj.zone just went under to it too

[-] lemminer@lemmy.world 1 points 1 year ago

Someone posted lemmy.world getting federated with threads. Was that legit?

[-] Syan@lemmy.world 3 points 1 year ago

It was the admin account mentioned in the post, MichelleG, which got compromised. No one is dumb enough to federate with that trash, it was just a troll.

[-] Cyyy@lemmy.world 1 points 1 year ago

was the hacker

[-] GamerBoy705@lemmy.world 1 points 1 year ago

Aaw did I miss it? :(

[-] mashhitmyself2@lemmy.world 1 points 1 year ago

FYI: Y'all still only federated with threads.net :)

this post was submitted on 10 Jul 2023
53 points (98.2% liked)

Mildly Infuriating


Home to all things "Mildly Infuriating". Not infuriating, not enraging. Mildly Infuriating. All posts should reflect that.

I want my day mildly ruined, not completely ruined. Please remember to refrain from reposting old content. If you post a post from reddit it is good practice to include a link and credit the OP. I'm not about stealing content!

It's just good to get something on this website for casual viewing whilst refreshing original content is added over time.


Rules:

1. Be Respectful

Refrain from using harmful language pertaining to a protected characteristic: e.g. race, gender, sexuality, disability or religion.

Refrain from being argumentative when responding or commenting to posts/replies. Personal attacks are not welcome here.

2. No Illegal Content

Content that violates the law. Any post/comment found to be in breach of common law will be removed and given to the authorities if required.

That means:

- No promoting violence/threats against any individuals
- No CSA content or Revenge Porn
- No sharing private/personal information (Doxxing)

3. No Spam

Posting the same post, no matter the intent, is against the rules.

- If you have posted content, please refrain from re-posting said content within this community.
- Do not spam posts with intent to harass, annoy, bully, advertise, scam or harm this community.
- No posting Scams/Advertisements/Phishing Links/IP Grabbers
- No Bots, Bots will be banned from the community.

4. No Porn/Explicit Content

- Do not post explicit content. Lemmy.World is not the instance for NSFW content.
- Do not post Gore or Shock Content.

5. No Inciting Harassment, Brigading, Doxxing or Witch Hunts

- Do not Brigade other Communities
- No calls to action against other communities/users within Lemmy or outside of Lemmy.
- No Witch Hunts against users/communities.
- No content that harasses members within or outside of the community.

6. NSFW should be behind NSFW tags.

- Content that is NSFW should be behind NSFW tags.
- Content that might be distressing should be kept behind NSFW tags.

7. Content should match the theme of this community.

- Content should be Mildly infuriating.
- At this time we permit content that is infuriating until an infuriating community is made available.

8. Reposting of Reddit content is permitted, try to credit the OC.

- Please consider crediting the OC when reposting content. A name of the user or a link to the original post is sufficient.


Also check out:

Partnered Communities:

1. Lemmy Review
2. Lemmy Be Wholesome
3. Lemmy Shitpost
4. No Stupid Questions
5. You Should Know
6. Credible Defense


Reach out to LillianVS for inclusion on the sidebar.

All communities included on the sidebar are to be made in compliance with the instance rules.

founded 1 year ago