Aliucord EncryptDMs Incident
Plugin Release
EncryptDMs is a Aliucord plugin made by User:Mantikafasi in 26 November 2021.
The plugin's primary goal was to make Discord DMs end-to-end encrypted, being sure that neither Discord nor anyone without the encryption keys could read the contents of the DMs.
The Incident
After User:Mantikafasi pushed the first changes, even thought he didnt release the plugin, some individuals have acquired plugin through github repo with PluginDownloader.
For context those individuals had zero idea what they were doing.
Because plugin was not finished it was automaticly doing the exchange process as soon as some other person sent their public key, so whenever somebody shared their public key on a discord server all other people who had the plugin would automaticly respond with their public key.
Results
After several incidents "<ewd:publickey" word got banned from Aliucord server, and User:Mantikafasi pushed a update which removed entire functionality of the plugin.