submitted 1 year ago* (last edited 1 year ago) by henfredemars@infosec.pub to c/infosecpub@infosec.pub

Discussion from here: https://lemmy.ml/post/1895271

Relevance: Infosec.pub may wish to consider defederation temporarily.

Temporary fix in place, but instances remain vulnerable. Post: https://lemmy.world/post/1290412

  • UPDATE 2:58 UTC the injected code was removed from the main page, but cleanup efforts are still underway.
  • UPDATE 3:11 UTC situation appears to be under control, but browse with caution.
  • UPDATE 3:35 UTC main page exploited again! Website is unsafe.
  • UPDATE 4:01 UTC reports coming in that other instances are getting owned. One report of comments trying to inject JavaScript into the page.
  • UPDATE 4:13 UTC XSS vulnerability in page sidebar is reported; relationship to the event is unknown.
  • UPDATE 7:17 UTC Root cause was identified a while ago.
solarzones@programming.dev 8 points 1 year ago* (last edited 1 year ago)

I hope everything will be resolved quickly. Saw a post on kbin about it, and I was just about to log in to my .world account and see what’s up. ~ Waiting on updates…

henfredemars@infosec.pub 18 points 1 year ago

Tbf, I'm surprised this hasn't happened already. The software is not mature and is suddenly being exposed to a huge group of people. There are lots of eyes on it that weren't on the code before, and the big audience makes Lemmy a juicy target.

Other instances should be vigilant in case Lemmy could have an exploit until we know for sure what happened.

this post was submitted on 10 Jul 2023
155 points (97.5% liked)