[CONFIRMED FALSE] FxTwitter/Fixupx Compromised(?)

[FocalFlare]

This has been confirmed as false. TL;DR here: #1124 (comment). Please ignore everything below the next line

Coincidentally, I found said screenshot on Reddit and knew that this had to be old info given the date posted.

---

This is basically me saying that #677 had aged a bit poorly.

_On a serious note, I couldn't find any existing issues mentioning this here, so hopefully this isn't a duplicate (if it is, feel free to redirect this issue with the initial one). According to a friend (not mentioning names by the way so I'll call them SQ) from their private Discord server (word for word),

Anon_SQ: fxtwitter (and possibly fixupx) and fxdeviantart embedders have been hijacked by an unknown party.
For safety of your account and possibly your system, DO NOT USE THEM.

Following that, they sent a screenshot of a message containing a screenshot of another, which mentions this:

Anon_CN: Someone hijacked the use of prefix for Twitter and Furaffinity displays, DO NOT CLICK OR USE THIS LINKS YOU CAN POTENTIALLY LOSE MORE THAN YOUR ACCOUNT

Anon_SKFB: Don't use fxdeviantart, or at least don't click on the links, someone's grabbed the webname and is using the pathway to hack peoples clicking on them ;; I haven't been able to verify it yet, but please spread the word and exercise caution just in case.

Just so that everyone here knows, I assume that me and SQ have no confirmation about this, so we're spreading this around ensuring that people know what's up, and this issue is being made in case the dev(s) isn't/aren't aware of this. Practice and exercise good caution but do NOT take this as an official confirmation from any of us but the dev(s).

[Clawthorn]

Are we certain they're not just reacting to old information about FxDeviantart? I mean, I checked myself during the last scare and FxTwitter.com doesn't expire until 2026-07-07 so it's not possible to just hijack that for another year and a half.

Also "hijacked the use of prefix for X and Y displays", "grabbed the webname and is using the pathway to hack" sounds like something you'd hear in a movie, so I'm also wondering if they have any actual technical insight into this, or are just parroting dumbed-down scare bait they saw on tiktok.

[seacat17]

Don't make people panic pls. Do some research and don't rely simply on someone's messages.

[FocalFlare]

Are we certain they're not just reacting to old information about FxDeviantart? I mean, I checked myself during the last scare and FxTwitter.com doesn't expire until 2026-07-07 so it's not possible to just hijack that for another year and a half.

Also "hijacked the use of prefix for X and Y displays", "grabbed the webname and is using the pathway to hack" sounds like something you'd hear in a movie, so I'm also wondering if they have any actual technical insight into this, or are just parroting dumbed-down scare bait they saw on tiktok.
@Clawthorn

---

Don't make people panic pls. Do some research and don't rely simply on someone's messages.
@seacat17

As mentioned, this was a forwarded message sent as an announcement to a server I'm in, so like with anything else I couldn't really agree with it unless a dev says something.

The announcement was made out of nowhere and I had to check here first and then elsewhere. Mentioning again, I couldn't find this being mentioned in the issues (other than that issue mentioned). Oddly enough, before you two commented, I checked to see if anyone else was saying anything about this, and apparently the post with the same screenshot from a year ago with those messages in it showed up.

To be honest, this made me panic a lot more than anyone else viewing this since I've been using fxtwitter for sharing tweets and videos on Discord and seeing this being announced from left field made me grow the urge to delete/edit out any message I've sent with fxtwitter for people's safety.

[dangeredwolf]

I have no idea why almost an entire year later this same shit is spreading, the domains are not compromised. I guess I gotta pin the old issue again.

[FocalFlare]

Are we certain they're not just reacting to old information about FxDeviantart? I mean, I checked myself during the last scare and FxTwitter.com doesn't expire until 2026-07-07 so it's not possible to just hijack that for another year and a half.

Also "hijacked the use of prefix for X and Y displays", "grabbed the webname and is using the pathway to hack" sounds like something you'd hear in a movie, so I'm also wondering if they have any actual technical insight into this, or are just parroting dumbed-down scare bait they saw on tiktok.

I know this issue wasn't really mentioning how fxtwitter lasts longer than fxdeviantart before the two needing to be bought again goes over me lol

Also thanks @dangeredwolf for clearing things up. Again, I was VERY unsure—though impartial—whether or not this was still relevant. I probably should've closed this sooner than later.

[dangeredwolf]

Literally nothing has changed between now and last year, the domains still work fine and are not compromised

[FocalFlare]

I honestly should've checked those as well, though idk if this is something only you can see (I'm a bit new to GitHub so idk if either only repository creators can see the statuses of their API's or everyone can see them from a link). Regardless, glad that this was cleared up.

[dangeredwolf]

We have a public status page in case there are any outages: https://status.fxtwitter.com/

[seacat17]

I have no idea why almost an entire year later this same shit is spreading, the domains are not compromised. I guess I gotta pin the old issue again.

Just pin it for the time being until another serious issue strikes. People tend to overreact.

[dangeredwolf]

@seacat17 Yeah I've done that. It's just so bizarre to me that people don't understand the basics of how domains work, like saying "the 'fx' prefix got compromised". That's not how domain names work lmfao

[seacat17]

@seacat17 Yeah I've done that. It's just so bizarre to me that people don't understand the basics of how domains work, like saying "the 'fx' prefix got compromised". That's not how domain names work lmfao

Well, different people need different amount of time to learn different things. Let's just hope that no one will spread misinformation anymore because I literally panicked for a second when I saw that notification. I was like: "Wait, what? Is this one for real, or was it real this entire time?"

[FocalFlare]

I've edited the issue text and name so that nobody intentionally spreads this as "true info". 👍🏾

[dangeredwolf]

Appreciated!

[Riddim-GLiTCH]

Its so funny getting 200 pings on discord saying oh no, big hack! dont click on link!
I'm still getting them, but this was debunked a good while ago.

Off I go sending this issue everywhere I guess. If you get an influx of questions after this, I apologize in advance.

[polocatfan]

@seacat17 Yeah I've done that. It's just so bizarre to me that people don't understand the basics of how domains work, like saying "the 'fx' prefix got compromised". That's not how domain names work lmfao

to be fair I HAVE seen domains get changed before but it's mainly two people arguing over who has the rights so one takes the other down.