this post was submitted on 10 Jul 2023
43 points (100.0% liked)
Fediverse
17572 readers
35 users here now
A community dedicated to fediverse news and discussion.
Fediverse is a portmanteau of "federation" and "universe".
Getting started on Fediverse;
- What is the fediverse?
- Fediverse Platforms
- How to run your own community
founded 4 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
What do you mean? Is there something that us normal users can do to mitigate this? Or do we just hope that the devs and admins resolve this?
This is the conversation I'm referring to:
https://i.imgur.com/uqW3P8o.png
It may well be that the lemmy.world admin account was compromised as a result of the hack, rather than to make it happen.
Apparently Memmy is immune to this, not sure about other apps. Someone else advised staying loggged out, and maybe be prepared to change your password after it's resolved.
Looks like it could be some kind of markdown parser injection, where they manage to forcefully close the HTML src property and enter their own
Thanks for the explanation.
I've already made the decision earlier to change my passwords (on all my accounts on different instances) after this has been resolved.
FWIW, right now it seems unlikely that your password was accessible to anyone. Your login cookie may have been taken if you accessed Lemmy on a web browser (apps are likely fine), so you would want to clear your Lemmy cookies and cache once this is over.
But I'm speculating, and changing your password will definitely help!
Thanks!
Fighting the urge to clear my cookies and cache right now, lol!