They been redirecting to lemon party and some weird video. Do not go to the website. This is the admin that been hacked:
Out of precaution we will defederate from lemmy.world until this is resolved.
Edit: Lemmy.world has resolved the issue
this post was submitted on 10 Jul 2023
64 points (100.0% liked)
Lemmy.ca's Main Community
45 readers
1 users here now
Welcome to lemmy.ca's c/main!
Since everyone on lemmy.ca gets subscribed here, this is the place to chat about the goings on at lemmy.ca, support-type items, suggestions, etc.
Announcements can be found at https://lemmy.ca/c/meta
For support related to this instance, use https://lemmy.ca/c/lemmy_ca_support
founded 3 years ago
MODERATORS
This seems unnecessary. The other Admins already removed the offending account as an admin.
Although requiring 2FA, for all admins on your instance seems appropriate. 
Edit: The instance is completely down after they briefly reinstated the compromised Admin's account.
Please disregard my earlier comment. It's a clown-show over there at lemmy.world right now.
Thank you for the heads up that it's fixed.
Although requiring 2FA, for all admins on your instance seems appropriate.
To my knowledge we all have 2FA enabled. Will confirm.
I appreciate the proactivity/precaution!
It is once again comprised
It's unresolved.
It's still compromised, right now it's showing text that says site seized by reddit for copyright infringement. Lol. Jerboa is just showing Lemmy World heads
*infringment
I am glad I’m on programming.dev for lemmy, but this could’ve happened to anyone. Hope nothing catastrophic happens
And this is why you use a password manager whenever you make new accounts on the internet.
If you had an account on the Lemmy.world website you need to change your password.
The page redirects is named Israel and it redirects to blank page with "This site was seized by Reddit for copyright infringement". So no, they don't have control yet.
Lemonparty! Now that's a name I haven't heard in ages 🍋🍋🍋👴
First vlemmy now this? what the fuck is going on?
this feels too intentional with two big servers in this short time frame icl
I was about to make a thread. Quite the bummer.
Thanks for the heads-up. Password changed.
I logged on and was like wtf because the site still works. Thought my phone was hacked heh
Man, after all that commenting and stuff I did... :(
pretty damn funny lmfao, lemmy world is about to lose a lot of users permanently
Guys, the new Israel lemmy instance has a lot of content I like, but some images I don't agree with. should we defederate?
Is there a way to not do email verification but still using 2FA? That way, even if a user's account is somehow phished/compromised, it won't compromise their other accounts.
Absolutely you can do no phone/email and MFA. It's a TOTP thing like Google or Microsoft authenticator. The service doing the authentication has no idea how it's done on the other side, it just makes sure the codes match.
I just successfully set up 2FA for an account on another instance that doesn't have a verified email without any issues, so there's no need to have done email verification to use 2FA.
Yeah... I caught all that. Glad to see that they fixed it already though. Rough day for Rudd.
Looks like it’s gonna be a bit really put a lid on this, but I guess another sign why this is a good system?
view more: next ›