I hope they can bring the site back up soon and that it is not gone forever.

  • TWeaK
    link
    fedilink
    English
    51 year ago

    This is the conversation I’m referring to:

    https://i.imgur.com/uqW3P8o.png

    It may well be that the lemmy.world admin account was compromised as a result of the hack, rather than to make it happen.

    Apparently Memmy is immune to this, not sure about other apps. Someone else advised staying loggged out, and maybe be prepared to change your password after it’s resolved.

    • KSP Atlas
      link
      fedilink
      English
      31 year ago

      Looks like it could be some kind of markdown parser injection, where they manage to forcefully close the HTML src property and enter their own

    • megane-kun
      link
      fedilink
      English
      31 year ago

      Thanks for the explanation.

      I’ve already made the decision earlier to change my passwords (on all my accounts on different instances) after this has been resolved.

      • @spiderplant@infosec.pub
        link
        fedilink
        English
        4
        edit-2
        1 year ago

        FWIW, right now it seems unlikely that your password was accessible to anyone. Your login cookie may have been taken if you accessed Lemmy on a web browser (apps are likely fine), so you would want to clear your Lemmy cookies and cache once this is over.

        But I’m speculating, and changing your password will definitely help!

        • megane-kun
          link
          fedilink
          English
          41 year ago

          Thanks!

          Fighting the urge to clear my cookies and cache right now, lol!