FurAffinity update: They've convinced L1 support this is a problem, but L1 support is asserting that L2 support will not be available to help for 24 to 48 hours.

Network Solutions is a great platform and probably in a better world would be sued for this.

My current suspicion is that Network Solutions has a policy of offering a ~48 hour dispute window on account transfer attempts.

They presumably notified Dragoneer that someone was attempting to take ownership of the account, and no one saw it because Dragoneer is dead.

FurAffinity would have therefore missed its ~48 hour dispute window.

By intentionally delaying their response, Network Solutions would presumably be granting the attackers the same ~48 hour dispute window they grant anyone else.

As of right now I see no evidence in Certificate Transparency ( https://ui.ctsearch.entrust.com/ui/ctsearchui ) that any new *.furaffinity.net certs were minted.

So, I don't think the attackers have successfully impersonated any actual FA site yet. (They have broken the link a bunch of times, but that's _failed_ impersonation.)

EDIT: I take it back, there's this dubious-looking cert: https://crt.sh/?id=14214084757

Luffy asserts: the FurAffinity twitter is now compromised.

I still feel bad about that cert I identified, so I think it's possible that if the website reopens, it could be a phishing attempt.

All existing logins were closed out. Don't re-login until FA's _Discord_ says so (I will mirror that when it happens)

Update: they shock therapied Dragoneer back from the dead so his unliving corpse could scam you.

Horrifying. Kinda hot. Mostly horrifying.