254

What are these comments on lemmy posts?(lemmy.sdf.org)

posted
by
Avatar
Fleecer74@lemmy.sdf.org
in
Avatar
asklemmy@lemmy.ml
85 comments
hidereport

Are they just an issue with wefwef or trying to use an exploit

Sort:
HotTopControversialNewOld
Avatar
LDRMS@lemmy.ml
-16 points

Click on one of the links and find out. Donโ€™t forget to let us all know what happened. /s๐Ÿคฃ๐Ÿคฃ

permalink
report
reply
Avatar
Faceman๐Ÿ‡ฆ๐Ÿ‡บ@discuss.tchncs.de
5 points

just a website with the usual bullshit rambings of anti-ukraine conspiracists.

permalink
report
parent
reply
Avatar
LDRMS@lemmy.ml
1 point
*
Deleted by creator
permalink
report
parent
reply
Avatar
tias@discuss.tchncs.de
9 points

And now it has your session cookie

permalink
report
parent
reply
Avatar
Faceman๐Ÿ‡ฆ๐Ÿ‡บ@discuss.tchncs.de
3 points

Which is why I always check dodgy links in a non logged in browser in an isolated vm.

permalink
report
parent
reply
Show more comments
Avatar
BrikoX@lemmy.zip
10 points

Clicking on it would run javascript on load (most browsers block it by default), but I would avoid clicking either way.

permalink
report
reply
Avatar
Kissaki@feddit.de
3 points

You canโ€™t see what the link actually is, only its Label.

Onload, if interpreted as Javascript instead of text, would have executed on load, not on click.

permalink
report
parent
reply
Avatar
nothendev@sopuli.xyz
51 points

if it has document.cookie in it - it is trying to steal your cookies, to use your account. thatโ€™s a JavaScript link that, well, sends your account cookies to a random ass site.

permalink
report
reply
Avatar
Noodles@lemmy.blahaj.zone
36 points

idk for sure but people are saying lemmy.world got hacked maybe it has to do with that?

permalink
report
reply
Avatar
Max-P@lemmy.max-p.me
22 points

Definitely seems to be trying to exploit the same thing

permalink
report
parent
reply
Avatar
Noodles@lemmy.blahaj.zone
8 points
*

yeah after reading more of the post I linked it definitely looks like it

permalink
report
parent
reply
Avatar
Noodles@lemmy.blahaj.zone
9 points
permalink
report
parent
reply
Avatar
Papanca@lemmy.world
44 points

A few minutes ago Ruud posted that there was a hack, i wonder if it has something to do with that?

https://lemmy.world/post/1290412

permalink
report
reply
Avatar
loutr@sh.itjust.works
34 points

Yes, these comments are JavaScript code, intended to run in the browser of anyone viewing them. Best to stay clear of the webapp for now (native mobile apps should not be vulnerable).

permalink
report
parent
reply

Asklemmy

!asklemmy@lemmy.ml

Create post

A loosely moderated place to ask open-ended questions

Search asklemmy ๐Ÿ”

If your post meets the following criteria, itโ€™s welcome here!

  1. Open-ended question
  2. Not offensive: at this point, we do not have the bandwidth to moderate overtly political discussions. Assume best intent and be excellent to each other.
  3. Not regarding using or support for Lemmy: context, see the list of support communities and tools for finding communities below
  4. Not ad nauseam inducing: please make sure it is a question that would be new to most members
  5. An actual topic of discussion

Looking for support?

Looking for a community?

Icon by @Double_A@discuss.tchncs.de

Community stats

  • 9.6K

    Monthly active users

  • 4.9K

    Posts

  • 275K

    Comments

Community moderators