Summary: Attacker found a way to inject JavaScript into the sidebar, letting them steal auth tokens (“JWTs”), including from an admin account. They then used the stolen admin access to vandalize the site. At one point, the attacker used the stolen admin account to falsely announce that the attack had been remediated. Later that day, the attack actually was remediated by the site owner (Ruud) and the vulnerability was patched in the Lemmy code.
You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: [email protected]
A community to talk about the Fediverse and all it’s related services using ActivityPub (Mastodon, Lemmy, KBin, etc).
If you wanted to get help with moderating your own community then head over to [email protected]!
Rules
Posts must be on topic.
Be respectful of others.
Cite the sources used for graphs and other statistics.
Attack? I am outta the loop. What happened?
https://lemmy.world/post/1290412
Summary: Attacker found a way to inject JavaScript into the sidebar, letting them steal auth tokens (“JWTs”), including from an admin account. They then used the stolen admin access to vandalize the site. At one point, the attacker used the stolen admin account to falsely announce that the attack had been remediated. Later that day, the attack actually was remediated by the site owner (Ruud) and the vulnerability was patched in the Lemmy code.
Appreciate the info.