cross-posted from: https://lemmy.world/post/1287053

Be alert, Please do not launch a new tab of Lemmy.World. Having tabs already open with this site is fine but as soon as you do you will be bombarded with awful content with malicious intent to cause shock, disgust and distress.

In the meantime use alternative instances, other instances are not affected by this compromise. Do not open any links/posts from the user MichelleG.

Thanks for reading, please stay safe out there Lemmy users!

Update: Lemmy World is under attack again.

Update: I am not a super code-literate person so bare with me on this… But. Still please becareful. There appears to be a vulnerability.

Users are posting images like the following:

https://imgur.com/a/RS4iAeI

And inside hidden is JavaScript code that when executed can take cookie information and send it to a URL address.

Among other things. At this time if you see an image please click the icon circled before clicking the link. If you see anything suspicious, please report it immediately. It is better a false report than a missed one.

  • Aer@lemmy.worldOPM
    link
    fedilink
    English
    arrow-up
    4
    ·
    1 year ago

    It is concerning as I have received a message from a compromised admin 1 hour ago telling me that an app developer wanted me to help them with mod tools.

    Hard to know if this is genuine or not, but given what has happened I am going with an attempt at breaching my account.

    • hawkwind@lemmy.management
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      That, is actually kind of fascinating and may be important info for someone doing a follow-up investigation. If that was the bad actor phishing for moderation access, why would they need that, when they already had an admin account? If it was legit, then it’s super sus. whoever this app developer was needs to have a little light shone on them.

      • Aer@lemmy.worldOPM
        link
        fedilink
        English
        arrow-up
        1
        arrow-down
        1
        ·
        1 year ago

        Could be where the DM from the admin was legitimate but got compromised following contact by this app developer.

        It is also possible nothing of the sort happened. The timing was just extremely alarming