356
PSA: Lemmy.world has been compromised!
(lemmy.ml)
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 10 Jul 2023
356 points (99.2% liked)
Fediverse
17535 readers
57 users here now
A community dedicated to fediverse news and discussion.
Fediverse is a portmanteau of "federation" and "universe".
Getting started on Fediverse;
- What is the fediverse?
- Fediverse Platforms
- How to run your own community
founded 4 years ago
MODERATORS
My concern is that configuring the site to automatically redirect users sounds like they have pretty large control over the site - the kind of control that I would assume is usually limited to users with root access on the server.
Obviously hope nothing of value is lost and that there is a proper off-site backup of the content.
Edit: See Max-P's comment, it looks like the site redirection was accomplished in a way that IMO suggests they do NOT have full control over the site. We'll obviously have to wait for the full debrief from the admins.
If it was just DNS that doesn't mean too much. If it was just DNS it seems to be back up. It's like changing the number in a phone book.
It was a JavaScript injection to the site's sidebar and top announcement section
Yeah the "redirect somewhere else" attack definitely doesn't necessarily require any particular control of the site. Usually it's noticing that you can trick some text into being run as Javascript, instead of interpreted as text... And then you just stick in a cheeky little
<notarealscript>window.location = "https://www.badsite.horse"</notarealscript>into that spot.Then every time that comment, username, (in this case apparently) custom emoji, etc. gets loaded, whoops, the code runs and off you go!
So no control of the site is required at all.