Today, a bunch of new instances appeared in the top of the user count list. It appears that these instances are all being bombarded by bot sign-ups.

For now, it seems that the bots are especially targeting instances that have:

  • Open sign-ups
  • No captcha
  • No e-mail verification

I have put together a spreadsheet of some of the most suspicious cases here.

If this is affecting you, I would highly recommend considering one of the following options:

  1. Close sign-ups entirely
  2. Only allow sign-ups with applications
  3. Enable e-mail verification + captcha for sign-ups

Additionally, I would recommend pre-emptively banning as many bot accounts as possible, before they start posting spam!

Please comment below if you have any questions or anything useful to add.


Update: on lemm.ee, I have defederated the most suspicious spambot-infested instances.

To clarify: this means small instances with an unnaturally fast explosion in user counts over the past day and very little organic activity. I plan to federate again if any of these instances get cleaned up. I have heard that other instances are planning (or already doing) this as well.

It’s not a decision I took lightly, but I think protecting users from spam is a very important task for admins. Full info here: https://lemm.ee/post/197715

If you’re an admin of an instance that’s defederated from lemm.ee but wish to DM me, you can find me on Matrix: @sunaurus:matrix.org

  • voldern@lemmy.ml
    link
    fedilink
    arrow-up
    4
    ·
    2 years ago

    Thank you for proactively contacting me regarding this @[email protected]. I’ve had this issue on my https://feddi.no instance, but I have added a captcha and registration applications now. Hopefully it will alleviate some of the problem.

    All of the bots accounts seems to have a number in their email so I manually looked through the list of users in email_verification that contained numbers in the email to look for false positives:

    select * from email_verification where email ~ '[0-9]+';

    before running

    delete from local_user where id in (select local_user_id from email_verification);

    to delete the users.

    By suggestion from @[email protected] I updated site_aggregates to reflect the new users count on the instance:

    UPDATE site_aggregates SET users = (SELECT count(*) FROM local_user) WHERE site_id = 1;.