Stuff

3 readers
1 users here now

This is a place to talk about random stuff, or just say hello.

founded 1 year ago
MODERATORS
1
 
 

A stranger appears

A highly unusual person joined Lemdit yesterday and proceeded to make a post in Lemdit Official. It consisted of a long list of links and some random anime image.

He styled himself Maskugatiger a.k.a Cybernetwalker. (The Highest Leader of Global Civil Society Community)

I initially thought it was some kind of bizarre spam bot, but curiosity got the better of me and I decided to go down the rabbit hole.

The rabbit hole runs deep

The first handful of links were to various obscure boards and pages that this individual had created. They were all very strange:

  • The forums had countless sections that were seemingly empty.
  • There were animated gifs, k pop idols and random anime images plastered everywhere.
  • Lots and lots of buttons and random links in all kinds of colors.
  • There were long ramblings that mixed Islamic fundamentalist views, doomsday prepper advice, death cult beliefs, calls for revolution, a love for childish anime and just about every conspiracy theory known to man, all in one.

...but I couldn't spot anything illegal, there was no incitement to violence, the imagery was somewhat creepy but not sexual in nature, most of the links went to normal websites, etc.

Clearly there's some mental illness involved, but being odd is not against the rules so I decided to give the High Leader a chance.

Extending an olive branch

The response was a rather incoherent ramble accusing me of running my instance like a jail (since deleted). I persevered:

I figured everyone can easily block the community if they don't like it and I was genuinely curious to see what came next.

He did proceed to create a community, repost his links there and delete the original post as instructed - so far so good.

The veil falls off

The community had a picture of the same Asian woman (I'm guessing a streamer), and a game-like anime character that was clearly a child - again slightly creepy, but not sexual.

The Highest Leader then proceeds to create another community, whose logo was yet another child anime character.

His next post in this new community had details on how people could contact him, as well as a link to a YouTube video of preschool Asian girls wearing dresses and dancing. This video had countless creepy comments and the channel had over 700k subscribers.

It's then that I realized that this whole insanity, the forums, the spam, the crazy rambles, the gifs, the pictures, all of it is most likely obfuscation. Those that know what to look for will see the signs, get the hint and contact him. Buried in the spam of boards are likely hidden details, key words, images or links that mean nothing to a normie like me, but plenty to those like him.

Getting feudal

So I decided to ban him and purge all of it from the server. My buddy said that if he writes a blog post about it, then we know he was crazy.

Sure enough, he made another account on a different instance and proceeded to send me a message:

He also made a post to warn others of my infamous exploits:

It's true, I will absolutely go feudal at the slightest hint of pedophilia. Highest Leader - if you are reading this - please seek help.

To be continued, I suspect...

A note for the reader

I have deliberately not included any of the links that I am referring to, however a trivial internet search can reveal a lot of the content I reference here. I recommend you do not go looking for it, there's nothing good hiding under this rock.

2
-2
Noah's Ark (biblepicturesblog.blogspot.com)
submitted 1 year ago by [email protected] to c/[email protected]
3
7
submitted 1 year ago* (last edited 1 year ago) by [email protected] to c/[email protected]
 
 

It looks like lemmy.world has been hacked.

The instance has been defaced, the site is only intermittently accessible, sometimes it redirects to a random video or other nasty URLs

DO NOT ATTEMPT TO LOG INTO LEMMY.WORLD UNTIL THIS IS CLEARED UP AND OFFICIAL ANNOUNCEMENTS ARE MADE BY ITS ADMIN.

My recommendation is to stay away entirely for the time being and monitor this thread for updates: https://lemmy.ml/post/1895271 (https://lemdit.com/post/44963)

Update:

  • It looks like this was caused by a compromised Admin account
  • It may be attributed to an exploit introduced by a specific git commit that lemmy.world was using (not public).

Initial indications are that this was particular to lemmy.world and not a symptom of wider Lemmy vulnerabilities.

4
 
 

The short of it is:

  • vlemmy.net was one of the larger Lemmy instances (>10k users)
  • They suddenly went offline today with no warning, all DNS records gone
  • Nobody really knows why

There's more discussion in this thread: https://feddit.nl/post/458654

From what I can tell, this has nothing to do with their domain expiring / them forgetting to pay their domain bill. WHOIS records show it had been registered for many years, and domain registration is paid for in advance:

The domain status appears to have changed. The June 10th 2023 WHOIS data showed it as:

This is what you expect for a domain that is not currently being transferred.

The status now is:

Something is clearly going on with the domain, and it's not forgetting to pay a bill. All DNS records are gone, so this doesn't look like an oopsie there either.

I think all of these are possibilities:

  1. Owners decided to pull the plug on it
  2. This is a bungled attempt to transfer the domain to another registrar
  3. Someone managed to break into their registrar account and is trying to transfer the domain away

I think these are unlikely:

  1. Legal/law enforcement action
  2. Accidentally deleting DNS records

It will be interesting to see how this develops. If vlemmy is truly gone, then this is a significant loss to the Fediverse, as they were the only larger Lemmy instance to have a no defederation policy.

What are your thoughts?

5
1
submitted 1 year ago* (last edited 1 year ago) by [email protected] to c/[email protected]
 
 

Today I received this text message:

  • Opening the URL from a desktop computer redirects to the real NZ Post website.
  • Opening the URL from mobile shows a convincing spoofed NZ Post tracking page:

The objective of the scam is to get you to click on "Schedule a Redelivery" and give them your personal details:

They will use this information to contact you and attempt to scam money from you, as well as try any future scams they may come up with.

The combination of URL + believable phishing page makes this scam particularly easy to fall for. If you're from NZ, then it's a good idea to warn your friends and family about it.

I will report the domain but it usually takes a very long time for anything to be done in these cases.

6
 
 

An international recruitment company (indeed)

This particular scam seems to be getting more refined, similar messages I received in the past were from obviously hijacked accounts belonging to randoms and had worse english.

For the record, I'm not, nor have I ever been looking for part-time work online. I guess my number is on some sort of list that gets sold and re-sold, so I get to enjoy all the latest scam attempts.

I look forward to the inevitable catfish attempt that usually follows a few days later.

7
 
 

Snapped on my way home the other day.

8
 
 

Snapped on my way home the other day.