I've had some tech friends walk me through what's going on. I still don't understand it. Important shit first, explanation behind the break:
FURAFFINITY.NET IS COMPROMISED, DO NOT LOG INTO OR NAVIGATE TO FURAFFINITY OR THE "FURAFFINITY STORE".
ALSO, FURAFFINITY'S TWITTER IS COMPROMISED AND DISABLED REPLIES, DELETED POSTS DOCUMENTING THE HACK.
Okay, details below.
Around roughly midnight or so Pacific Time, some kind of Cloudflare related service error started to notify Furaffinity.net users of problems with the site. For many of us, we've probably already been owned (our account information compromised), and if you're a former member of FA+ be sure to keep an eye on your Paypal or Bank information and balances, just en-case subscription information may have leaked to the hackers.
The Hack itself isn't especially sophisticiated. I'm told the attackers went one step ontop of the DNS to redirect traffic to a fake address that may have looked like Furaffinity, but actually was scooping log in information and maybe as much as cookie and cache information from your browsers, potentially even more. Again, stressing this: if you have visited Furaffinity since Midnight (Pacific Time), August 20th, 2024, you might be compromised. Now might be a good time to work through new passwords for your critical things like Bank Websites, Emails, Etc.
A critical element of how this all works is that we do not know the extent of the breach, what data might have been scooped, and that the website is not safe to return to. Says FA's staff via twitter posts, allegedly the attackers hit the service NetSolCares, which has an Twitter/X account as well that actually is NetSolCares, just for clarity. It also seems has just been confirmed again on the FA Discord that the Furaffinity Twitter Account is compromised, making the Furaffinity Discord maybe the only safe source of information regarding this hack... for now.
Presently, the place you end up when you go to Furaffinity.net is to anywhere, seemingly; people have caught redirects of going to duplicates of FA's home page, the FA Merch Store, and the FA Twitter; just to name a few of the places hit so far.
This is a developing story. Information that seems solid today may be incorrect tomorrow or in 5 minutes of posting.
Small PS:
Poor leadership shown by the Discord Mod/Admin team so far, as the many times steps have been taken and announced have often come with panic deletions. This includes invalidating the log-in status of all accounts on FA, a step I am told should be done after the breach in security is closed. Reminder not to log into FA period dot. Do not go to the website, okay?
Laffy, the defacto leader of Furaffinity as an organization, is apparently going to a Concert right now. I don't think there's much they can do about the situation, but being handy for snap decisions and emergency contact is kind of their "job" here. FA just raised loads of money to help fund debts from Dragoneer's passing and FA's former ownership by IMVU, and it's hard not to see that huge pool of money as a target. Not exactly something I'd want to carry in the back of my head while I go to a concert.
Furaffinity is in dire straights and in a way I never expected. You can't even archive, lmao.
