It looks like lemmy.world has been hacked.

The instance has been defaced, the site is only intermittently accessible, sometimes it redirects to a random video or other nasty URLs

DO NOT ATTEMPT TO LOG INTO LEMMY.WORLD UNTIL THIS IS CLEARED UP AND OFFICIAL ANNOUNCEMENTS ARE MADE BY ITS ADMIN.

My recommendation is to stay away entirely for the time being and monitor this thread for updates: https://lemmy.ml/post/1895271 (https://lemdit.com/post/44963)

Update:

  • It looks like this was caused by a compromised Admin account
  • It may be attributed to an exploit introduced by a specific git commit that lemmy.world was using (not public).

Initial indications are that this was particular to lemmy.world and not a symptom of wider Lemmy vulnerabilities.

  • delendum@lemdit.comOPM
    link
    fedilink
    English
    arrow-up
    2
    ·
    1 year ago

    Update: lemmy.world was briefly back to normal and there had been a post saying that everything was fine now - it’s not.

    The site has just started doing the same thing again.

    Please do not try using lemmy.world for the time being.