163
Warning: lemmy.world just got hacked (beehaw.org)
submitted 1 year ago by darrsil@beehaw.org to c/support@beehaw.org
49 comments fedilink hide all child comments

I would be cautious about viewing any Lemmy.world communities right now, and the Beehaw admins should make sure their credentials are locked down in case they get targeted next.

you are viewing a single comment's thread
view the rest of the comments
[-] Zephyrix@kbin.social 6 points 1 year ago* (last edited 1 year ago)

This was not a social engineering. It was a JavaScript injection that stole browser cookies, bypassing password changes and 2FA.

However, it seems lemmy.world was running a custom version of the UI. So it's possible that it only affected their instance. Hard to say at this point.

[-] loobkoob@kbin.social 2 points 1 year ago

Oh, well in that case it's a little more concerning. But I don't expect it to be a long-term issue. It certainly isn't a serious blow to my confidence in the security of the fediverse, that's for sure! It being a somewhat minor breach may be a blessing, also; it means there'll almost certainly be more of a focus on security going forward before something more serious happens.

this post was submitted on 10 Jul 2023
163 points (100.0% liked)

Beehaw Support

2794 readers
1 users here now

Support and meta community for Beehaw. Ask your questions about the community, technical issues, and other such things here.

A brief FAQ for lurkers and new users can be found here.

Our September 2024 financial update is here.

For a refresher on our philosophy, see also What is Beehaw?, The spirit of the rules, and Beehaw is a Community

This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.

if you can see this, it's up  

founded 2 years ago
MODERATORS
Zmodem@beehaw.org
Gaywallet@beehaw.org
alyaza@beehaw.org
Lionir@beehaw.org
Penguincoder@beehaw.org
remington@beehaw.org