It looks like lemmy.world has been hacked.

The instance has been defaced, the site is only intermittently accessible, sometimes it redirects to a random video or other nasty URLs

DO NOT ATTEMPT TO LOG INTO LEMMY.WORLD UNTIL THIS IS CLEARED UP AND OFFICIAL ANNOUNCEMENTS ARE MADE BY ITS ADMIN.

My recommendation is to stay away entirely for the time being and monitor this thread for updates: https://lemmy.ml/post/1895271 (https://lemdit.com/post/44963)

Update:

  • It looks like this was caused by a compromised Admin account
  • It may be attributed to an exploit introduced by a specific git commit that lemmy.world was using (not public).

Initial indications are that this was particular to lemmy.world and not a symptom of wider Lemmy vulnerabilities.

  • delendum@lemdit.comOPMEnglish
    1·
    1 year ago

    Update:

    • This is also affecting lemmy.blahaj.zone
    • There are concerns that this may in fact be a wider Lemmy issue rather than a lemmy.world admin account hack
    • Concerning issues being discussed in this thread: https://lemdit.com/post/45035