this post was submitted on 10 Jul 2023
475 points (99.2% liked)

Fediverse

17671 readers
29 users here now

A community dedicated to fediverse news and discussion.

Fediverse is a portmanteau of "federation" and "universe".

Getting started on Fediverse;

founded 4 years ago
MODERATORS
 

FYI!!! In case you start getting re-directed to porn sites.

Maybe the admin got hacked?


edit: lemmy.blahaj.zone has also been hacked. beehaw.org is also down, possibly intentionally by their admins until the issue is fixed.

Post discussing the point of vulnerability: https://lemmy.ml/post/1896249

Github Issue created here: https://github.com/LemmyNet/lemmy-ui/issues/1895

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 49 points 1 year ago (2 children)

lemmy.world was briefly back to normal and there had been a post saying that everything was fine now - it's not.

The site has just started doing the same thing again.

Please do not try using lemmy.world for the time being.

[–] [email protected] 25 points 1 year ago (2 children)

the post saying everything was fine now was coming from the same account that was originally compromised

[–] [email protected] 8 points 1 year ago

We've changed our name to Israel. - The Admins.

[–] [email protected] 6 points 1 year ago (1 children)

Lol so how do you expect to be notified then? You don't think they can get their account back? They'll get it back eventually.

[–] [email protected] 17 points 1 year ago

They have multiple admins. The expectation would be for one of the non compromised admins to make the announcement. It's a trusted channels thing

[–] [email protected] 11 points 1 year ago* (last edited 1 year ago) (2 children)

i just got logged out of my account from Jerboa and can't login anymore. my is completely wiped from my app now.

edit: okay seems the admins have taken down lemmy.world and thats probably why it happend in the app. but its weird that it just wipes the login and data of the instance in the app.. weird.

[–] [email protected] 9 points 1 year ago

My self hosted instance has hiccups sometimes and Jerboa just doesn't handle it super well. You can swipe away the app and reopen once the server is back and it should come right back up.

[–] [email protected] 8 points 1 year ago (1 children)

Jerboa tries to log in with session info passed to the server, if the server doesn't respond properly then it just calls you Anonymous, because it can't acquire your username and info. That's probably what's happening.

[–] [email protected] 5 points 1 year ago (1 children)

oh, okay. didn't knew that. i expected that it saves the login information locally (encrypted) and then uses this to login.. and if there is an error, that it just says "login error" or something.. with the option to retry.

it's weird that it looks like the whole login data just gets wiped. confused me a lot since it also said Anonymous as my user etc.. really thought first my account got hacked after all that issues.

[–] [email protected] 2 points 1 year ago

I'm not using your app, I'm still learning Connect but ran into similar sounding confusion. Maybe yours is acting the same way: Connect puts an option in the settings to switch which instance(.world/.ee/.ca) it's running on, and each option will show its own list of users in the apps main sidebar. I switched and thought I lost all my login info, but it was there when I switched back. I maybe wouldn't try switching to .world right now, but if that's how your app works maybe it's all still there waiting.