News Report: Hacking Incident on Lemmy-Based Sites
In recent days, several sites built on the open software Lemmy were hacked by unknown attackers who took advantage of a zero-day vulnerability. According to reports, the hackers targeted Lemmy sites through an exploit in the intersight script, specifically related to the display of user emojis.
Lemmy is an open software platform designed for creating independent news aggregators and discussion forums. Each site built on Lemmy is managed by different individuals or organizations, but they are interconnected, allowing users from one site to interact with content on other servers. Currently, there are over 1,100 Lemmy sites with a combined user base of almost 850,000.
Among the targeted sites was Lemmy.world, the most popular Lemmy-based site with over 100,000 users. The hackers compromised several user accounts, including those of administrators, by stealing JWT authentication cookies. These stolen cookies provided the attackers with access to personal messages and email addresses of affected users.
The attackers took advantage of the compromised pages to redirect users to offensive and shocking content. As a result, some Lemmy sites were temporarily shut down as the attack unfolded.
The administrators of Lemmy.world released a statement acknowledging the incident. They stated, “Only users who accessed pages with malicious content were vulnerable during the incident,” and urged affected users to change their JWT passwords as a precautionary measure.
Efforts are underway to fix the vulnerability that was exploited in the attack. In the meantime, users of Lemmy-based sites are advised to remain vigilant and take necessary security precautions.