JamieAug 28, 2023

WARNING: Lemmy Self-Hosters, There Have Been CSAM Attacks taking place against [email protected]

https://jamie.moe/post/113630

WARNING: Lemmy Self-Hosters, There Have Been CSAM Attacks taking place against [email protected] - Jamie Lemmy

There have been users spamming CSAM content in [email protected] [/c/[email protected]] causing it to federate to other instances. If your instance is subscribed to this community, you should take action to rectify it immediately. I recommend performing a hard delete via command line on the server. I deleted every image from the past 24 hours personally, using the following command: sudo find /srv/lemmy/example.com/volumes/pictrs/files -type f -ctime -1 -exec shred {} \; Note: Your local jurisdiction may impose a duty to report or other obligations. Check with these, but always prioritize ensuring that the content does not continue to be served. ## Update Apparently the Lemmy Shitpost community is shut down as of now.

Show threadleaAug 28, 2023

I nuked my personal instance because of this :(

Dealing with pictrs is just frustrating currently since there’s no tools for its database format and no frontend for the API. I half-expected this outcome but I hope it gets better in the future.

Show threadzahelAug 28, 2023
yeah this has got me second guessing hosting my own instance as well.
Show threadclearedtoland
That finalized my decision to not self-host. I’m savvy enough to set it up but not enough to keep up with maliciousness like this. I’d never even considered a deliberate CSAM attack as a possibility - I thought it was just something (atrocious) users might inadvertently post.
Aug 28, 2023 at 3:07amWeb
Show threadSkyeStarfallAug 28, 2023
You always gotta prepare for the worst case. It’s certainly why I am never going to bother with hosting something like this unless I’m serious about it akin to a job. If there’s even a remote chance of CASM getting on your machine, you gotta assume it will and be prepared to fight to prevent it/remove it.