a lot of accounts are being compromised right now. please make sure to change your password every once in a while or set up 2 factor authentication if you haven't done so yet!

and please do keep reporting those accounts with fishy .ru links in their bios! (and don't click em obviously)

@citrustwee *groaning like paul rudd in wet hot american summer* fiiiiine


that sequence of him picking up silverware is one of the funniest bits of physical comedy of this century.

@jackdaw_ruiz "you taste like a burger, i dont like you anymore" is also one of my favorite lines in any movie

@citrustwee Hi, is this an instance-related issue or is there a vulnerability in Mastodon that's being exploited?

@lstamellos i think it is instance-specific but i can't say that with full confidence

@citrustwee Thank you for taking this issue seriously, I appreciate it.

@citrustwee is it just .social or other instances as well??

@raekh so far i've only gotten reports about .social accounts, so it's pretty safe to say that it's just .social

@mimorinka i'm not sure! old inactive accounts are being compromised and used for spam

@citrustwee I'm afraid that a part of raw data which cotains passwords had been compromised

@mimorinka i can't really comment on that since i have no real insight on the tech side of things!


important advice:

don't use the same password on different sites
don't know what your passwords are
use a password manager


DEFINITELY setup 2FA for your accounts. I wish this was mandatory, but since it isn't, just do it.

Sign in to participate in the conversation

Server run by the main developers of the project 🐘 It is not focused on any particular niche interest - everyone is welcome as long as you follow our code of conduct!