maegul, 11 months ago

@fediversenews

Seems that there may be a vulnerability in the platform itself.

beehaw.org have taken the precaution of turning their server off until things get sorted.

See https://hachyderm.io/@beehaw/110687918465426082

@beehaw

Also ... kudos to beehaw admins ... having an admin account on a separate instance and platform for announcements ... "this is the way" and all!

TDP4, 11 months ago

@maegul
Ok, this just makes a lot of sense. Also...
If your instance is down (mine was due to a failed AC issue), even having an external admin account would not help because people would not have access to their account to see the admin. This is assuming users are not aware of the link to the admin account on another service. I need to think on this now though. I like the idea.

@fediversenews @beehaw @Jdreben

maegul, 11 months ago

@fediversenews

So, lemmy.world is back up and running.

It seems (mostly?) sanitised from the hacker's defacement and is running (mostly) as though nothing has happened (which is perhaps alarming?).

Maybe avoid visiting if you have an account there (until things are verified) as it seems part of their hack was to scrape JWTs/cookies through a JS/scripting injection. (See, eg https://lemmy.sdf.org/comment/850269)

maegul, 11 months ago

@fediversenews
ruud (woke up and) has reported on the incident: https://lemmy.world/post/1290412

Seems that there was a vulnerability which has been patched and cleaned up. Patch is yet to be merged and pushed to all instances apparently.

Overall this incident has both positives and negatives. It’s not good that this could have happened. I’m not clear on the root cause so others can attest.
Positively, lemmy is an active platform, attracting attacks and devs/admins patching and maintaining the space.