What I know so far:

  • vlemmy is still “up” and intermittently accessible. It is running slow as hell, PLEASE DO NOT VISIT THE INSTANCE as it will likely only slow things down more and make it inaccessible again.

  • Stripe, Librepay, and Github accounts are all closed. Closure date unknown
  • Reddit account still exists and has been messaged
  • No mentions of the instance in Element.io chats but still searching
  • They have almost certainly NOT lost their domain. Who.is historical records show no ownership or nameserver changes.

I have some minor personal details I’ve found that I’ll be deep driving on later, but it’s 1AM EST. I’m heading to bed but will continue on the investigation around 9AM EST.

Update 1PM EST July 9th:

Hi all, I’m working through about 40 different potential leads right now.

Although I need some help! Specifically, I need people who have viewed !kerbalspaceprogram@vlemmy.net to check their browser cache for this image:

https://lemmy.kya.moe/imgproxy?src=vlemmy.net%2fpictrs/image/928b2f95-a37c-4e94-bd70-bc014c8655d4.jpeg

You can do so using one of the following NIrsoft tools:

I’m hoping since it’s a historic image linked to their internet presence that it might generate specific leads.

I’ll update more as things progress.

  • Coelacanth@feddit.nu
    link
    fedilink
    English
    arrow-up
    3
    ·
    1 year ago

    Looks like it’s fixed now. Seems like the vulnerability was stemming from Lemmy code and not .world-specific so not really their fault.