It's all public information.
Admins are shown on the front page
Modlog shows even when an admin is added or removed.
Blocked instances are shown in the instances list.
The JWT exploit bypasses 2FA requirements. It basically steals your active session and allows a third party to use it.
Thanks for the work. As a heads up it appears most of the block instances are back however I believe explodingheads is still missing which you may want to confirm.
EDIT: it has been added back to the block list.
They were modded 20 days ago.
I find it unlikely to be necessary because the MichelleG account shouldnt have needed database access and it appears the attack was troll related with basic XSS redirects. You can wait for an official response however it is always good policy for yourself to do so anyways.
Yep. MichelleG admin was added back and posted an update but it doesnt appear that her account was fully secured so they are probably still accessing it via her account.
Looks like its starting to be resolved.
Not that I am aware of at least.
MichelleG account it appears. Was removed from admin not long ago.
Admin account was compromised.
Admin account was compromised. Looks like they are working on it but it will take a bit to fix all the stupid that was done.
EDIT: Looks like things are starting to resolve.
EDIT 2: MichelleG account admin was restored and she posted and update but shortly after the changes happened again. Her account is likely still compromised with someone else accessing things via it.
EDIT 3: lemmy.world back online. MichelleG has again been removed as admin. Most things appear to have been cleaned up. Blocked instances still need to be fixed however.
Yea. It has already been fixed now though.