this post was submitted on 10 Jul 2023
3303 points (99.3% liked)
Lemmy.World Announcements
29100 readers
35 users here now
This Community is intended for posts about the Lemmy.world server by the admins.
Follow us for server news ๐
Outages ๐ฅ
https://status.lemmy.world
For support with issues at Lemmy.world, go to the Lemmy.world Support community.
Support e-mail
Any support requests are best sent to [email protected] e-mail.
Report contact
- DM https://lemmy.world/u/lwreport
- Email [email protected] (PGP Supported)
Donations ๐
If you would like to make a donation to support the cost of running this platform, please do so at the following donation URLs.
If you can, please use / switch to Ko-Fi, it has the lowest fees for us
Join the team
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Wow that's cool. How did malwarebytes know the website was compromised ?
I think it sees that the browser is trying to execute code that is suspicious (the payload of the XSS was pretty obvious).
probably looking for obvious patterns like
"onload="...
in image and link tags, because an onload event handler would usually never be put in those tags otherwise so the only plausible explanation is that it's a XSS attackI wish I knew. I tried logging into Lemmy yesterday and I was kept giving this message. I thought it might be relevant and saved this snip. I am only about to post this pic now. I did whitelist Lemmy on Malwarebytes after as well.