this post was submitted on 10 Jul 2023
184 points (98.9% liked)

Lemmy.world Support

3230 readers
5 users here now

Lemmy.world Support

Welcome to the official Lemmy.world Support community! Post your issues or questions about Lemmy.world here.

This community is for issues related to the Lemmy World instance only. For Lemmy software requests or bug reports, please go to the Lemmy github page.

This community is subject to the rules defined here for lemmy.world.

To open a support ticket Static Badge


You can also DM https://lemmy.world/u/lwreport or email [email protected] (PGP Supported) if you need to reach our directly to the admin team.


Follow us for server news ๐Ÿ˜

Outages ๐Ÿ”ฅ

https://status.lemmy.world



founded 1 year ago
MODERATORS
 

When logging into lemmy.world the banner now says "Israel - ni**a style" (full word unredacted) and it starts linking to lemon party and a bunch of other NSFW sites.

you are viewing a single comment's thread
view the rest of the comments
[โ€“] nosut 43 points 1 year ago (2 children)

Worse. Admin account. The MichelleG account is an admin and it appears that it was compromised and is what is causing all the problems. It looks like they have removed it from admin so things wont get worse but they will likely take a bit to find and repair all the stupid little changes that were made.

[โ€“] dragontamer 10 points 1 year ago (1 children)

The sidebar was changed.

Obviously some javascript was installed to the frontpage that makes us redirect to lemon party (NSFW) ponographic site.

Logo on top of the screen has changed, anti-Israel has been plastered all over the place.

[โ€“] PabloPicasshole 8 points 1 year ago (2 children)

This is not inspiring confidence in their security. 2FA was off or was somehow circumvented.

[โ€“] gkd 13 points 1 year ago

If a JWT token was stolen 2FA wouldnโ€™t matter.

[โ€“] melchus_od 1 points 1 year ago (1 children)

Encountered that too. Would it be recommended to change passwords and logins though?

[โ€“] PabloPicasshole 1 points 1 year ago (1 children)

We'll see what they say but never a bad idea. Hopefully logins are encrypted and salted but I don't use this username or password anywhere else.

[โ€“] melchus_od 1 points 1 year ago

That's the ideal situation. It's been restored and I'm yet to see anything related to 'login credentials being compromised' or an advice to change them but as you said, it's not a bad idea. Safety first

[โ€“] meldroc 3 points 1 year ago (1 children)

The tasteless redirect & site-title-change seems to have gone away. The admins have retaken the site, now just cleaning up the junior edgelord's mess.

[โ€“] darrsil 1 points 1 year ago

Nope, it's back.