~ Twitter account situation is resolved.
~ Furaffinity.net situation is resolved, ongoing investigation, site back online.
https://imgur.com/a/ahGk6ZCAt present do not try accessing the Website URL has potentially been hijacked.Wait for for further information to be posted on the site discord.Discord link: discord.gg/furaffinity
luffy
—
Today at 11:24 PM
ELI5 version:
Someone is trying to trick people by making our website take them to a site that isn't Fur Affinity (e.g. they can make furaffinity.net show their own content rather than our website). This fake website could look like anything but might be designed to look like ours to steal your information.For this reason, we urge you to not "log into" or visit the site until we follow up.
Please refrain from spreading misinformation or speculation and acting as experts on the situation as it furthers confusion and causes added stress. If someone asks about the situation, redirect them to this channel.
luffy
—
Today at 11:38 PM
@here The website may appear to be back to normal for now, but it’s still under threat. The hijackers have temporarily reverted it to our website, but they can switch it to whatever they want at any moment. Please do not interact with the website.Reminder: Your personal information is secure and has not been affected.
luffy
—
Today at 12:21 AM
From tech:"we have two events: original nameserver change and then the change being reverted. these happened around half an hour apart. as in, when I got online to handle things the changes have already been reverted back by the attacker, but things didn't work because cloudflare locked it's service. all this time the website was loading with an SSL error (not having certificate for https) was the time it was pointing to original cloudflare and our domain settings. they just have been locked, and as soon as I unlocked them things start working again.
at no point in time, as far as I can tell, did FA domain resolve to an actual valid webpage which could have grabbed session data."
In other news, I have to go to bed for my human job. Sorry all. Will update first thing in morning.
---------UPDATE 1
luffy
—
Today at 8:34 AM
@FA Pings* The situation is ongoing.
* We are in works to regain ownership of the account.
* Cloudflare was not accessed, our registrar was.
* Your personal information and passwords are safe.
* We advise you to not use the site until further notice. (ELI5 version pinned in💬┆general-convo ).
luffy
—
Today at 11:28 AM
@FA Pings They are attempting to make the change again. Please do not try to access Fur Affinity, and we will update when we can.
Aaand they changed it back to us again - we do request you continue to not access FA regardless.
---------UPDATE 2
luffy
—
Today at 2:51 PM
@FA Pings More information has been posted to our Twitter: https://x.com/furaffinity/status/1826013482971468025?t=LAy_ZAdNg9jBKpnVvd9OPg&s=19The reason Fur Affinity went offline around at 12:48am is due to someone hijacking our account with @netsolcares. Even though we worked quickly to correct the situation, their customer support has stated they cannot lock or freeze the account and we have to wait 24-48 hours for proper assistance. We have contacted them multiple times expressing urgency in this matter, and they've responded saying there is nothing they can do even though we have proven without a doubt that we are the proper owner and the account has been hijacked. This is a serious security issue and oversight on their side. Refusal to take this issue seriously has caused undue stress and misinformation to spread. We need action now to get the domain back into our control. This is unacceptable that customer support at @netsolcares can identify a hijack but not stop or freeze the account immediately.
Fur Affinity 🏳️⚧️ (@furaffinity) on X
The reason Fur Affinity went offline around 12:48am is due to someone hijacking our account with @netsolcares. Even though we worked quickly to correct the situation -🧵
Twitter•Today at 2:48 PM
luffy
—
Today at 4:21 PM
@everyone We invalidated all login sessions for security reasons. Do not log back into Fur Affinity until we greenlight it. Nothing is currently affected. This is a preventative measure.
luffy
—
Today at 4:42 PM
Logins are disabled.
luffy
—
Today at 5:18 PM
@everyone The Fur Affinity Twitter has been compromised. We're doing everything we can to regain access, but please do not trust anything posted on there until we let you know here that we have control of it again.
Please tell those you know that they must rely on our Discord for information for now.
Please report tweets made by our account.
---------UPDATE 3
Xanaecor
—
Today at 6:37 PM
Due to recent unusual level of DM activity that has occurred in this server, only friends will be able to contact each other further as a precautionary measure for the next 24hrs.As always, please be weary of accepting friend requests from people you do not know. @everyone
Xanaecor
—
Today at 7:14 PM
We are aware that our Twitter (X) username has been changed and that the original was reclaimed by Whanos as a safety precaution to help our community. We are in contact and working with this user. Please do not direct any misplaced harassment toward them. @everyone
---------UPDATE 4
luffy
—
Today at 7:53 AM
Great news @everyone! We’ve connected with all necessary contacts and finally made progress in recovering our domain. The tech team has regained control and temporarily locked down the site while they double-check everything and continue to move things forward.
With that said, I’m actively working on ways to manage the sudden influx and unrestrict the server. Please understand that it’s highly unusual to gain members at this rate, and I’m not particularly experienced in handling it, so things might get a bit messy. I kindly ask everyone to be patient and respectful, not only toward each other but also toward our volunteer mod team. If things become too chaotic, we may need to restrict access again. Thank you for your cooperation.
---------UPDATE 5
Momma Sciggles
—
Today at 7:09 PM
The twitter is officially back in our hands thanks to @Whanos 💖 @everyoneHave a wonderful night.
luffy
—
Today at 7:30 PM
If you are still seeing inappropriate posts on our Twitter, it is likely a caching issue. Please clear your Twitter cache and they should disappear - or wait awhile and they'll go away. Thank you!
---------UPDATE 6
Xanaecor
—
Today at 11:12 AM
Good Afternoon!Yesterday, after meeting for several hours with Network Solutions (our domain registrar), they finally agreed to our demands to lock our account and revert changes made to our domain name’s NAMESERVER configuration. This lock also prevents anyone from signing in and making further changes. A fraud investigation has been launched on their part, and upon conclusion, our account will be fully released to us and we will receive more information on how this hijacking occurred. Our domain is directing traffic correctly.
While the bad actor was in control of our domain between Tuesday, August 20th at 12:47AM ET and Wednesday, August 21st at 2:28PM ET, they redirected our traffic to other websites and they set up an email server to receive any emails that were sent to any of our @furaffinity.net accounts. If you sent any emails to our @furaffinity.net accounts during that time, then the bad actor has those emails, we did not receive them, and you should act appropriately to secure and protect your information. Furthermore, any emails sent from @furaffinity.net during that time would have been sent by the bad actor and should not be trusted. The bad actor never had access to our actual email accounts, any previous emails, nor data we have previously received.
It is important to stress that the Fur Affinity web server itself was never compromised, and the bad actor never had access to any private information therein such as our user and server data (It's as if someone stole your home address and had your mail and visitors routed somewhere else. Your house and everything inside is fine, only the address and incoming/outgoing mail were affected). As a precautionary measure during the incident, we invalidated all current login sessions and you will need to log back into your account.
✨🌟🎉 FUR AFFINITY IS NOW ONLINE AND MAY BE ACCESSED SAFELY! 🎉🌟✨
Furthermore, as of last night (August 21st at 9:53PM ET), we have regained access to our Twitter account, and with the help of Whanos (@KernelJunkie), reclaimed our username (@FurAffinity). And as of this morning (August 22nd at 10:45AM ET), we also secured Dragoneer's personal Twitter account.
We have also been made aware of various sources claiming to have identified the bad actor responsible for this attack. We have no way to verify that these accusations are accurate, but will continue to share all information with the FBI. With that said, we want to remind everyone that we have a zero-tolerance policy toward harassment, no matter the circumstances. Recently, there have been instances where speculation has led to individuals being harassed, even if they have no proven connection to the incident.
It is important to note that Fur Affinity, with direct insight into the situation, has not conducted its own investigation. We are leaving that responsibility to law enforcement. Speculation only spreads misinformation and causes harm, so please be cautious about what you share or believe online.
We kindly urge everyone to avoid engaging in further speculation or harassment. It is the role of law enforcement to determine the facts and make decisions, not ours.
Finally, we want to extend our deepest gratitude to all of you for your unwavering support during this incredibly difficult time. Your kindness, patience, and understanding have meant the world to us as we've navigated these challenges together. We are committed to continuing to foster a creative and welcoming environment for all, and it is your strength and solidarity that make our community truly special. Thank you for standing with us. @everyone
Updated