3281
Lemmy.world (and some others) were hacked
(lemmy.world)
This Community is intended for posts about the Lemmy.world server by the admins.
For support with issues at Lemmy.world, go to the Lemmy.world Support community.
Any support requests are best sent to info@lemmy.world e-mail.
If you would like to make a donation to support the cost of running this platform, please do so at the following donation URLs.
If you can, please use / switch to Ko-Fi, it has the lowest fees for us
I heard that some instances were defaced. Any examples of this? I wasn't online this noon so I never got to see any action.
No need if it was JWT token. After you use your password to log in, the server send your browser/app a JWT token. It uses this token whenever it requests anything from the server, to show that your logged in for this session, and the server can look at the token and tell who it gave the token to, show it knows you're logged in.
All that is to say, logging out will mark any leaked token as no longer valid, and when you log back in you'll have a new, non-hacked login token.
I mean, I want to see screenshots of the "fake announcements" the hackers posted through compromised admin accounts
It was some antisemitic bullshit. I have a screenshot, but it contains homophobic and racist phrases, so I don't think it's worth posting.
Can you send the screenshots through direct message to me? My curiosity is killing me
Thanks in advance!
Oh sorry, I totally replied to the wrong comment lol
Was gonna go refind the right parent and reply, but tbh I'm in bed right now and too lazy for that, so I'm just leaving the non-sequitur there for anyone interested