Here you can see 2 day old post warning about the danger of not using email/captcha verification:
https://lemmy.ml/post/1345031
And here are stats of lemmy platform where it shows that we gained 200 000 lemmy users in 2 days:
https://lemmy.fediverse.observer/dailystats
Another tracking site with the same explosion in users: https://the-federation.info/platform/73
What do you think? Is it some sort of a bug or do people run bot farms?
Edit2: It's been now 3 days and we went from 150 000 user accounts 3 days ago to 700 000 user accounts today making it 550 000+ bot accounts and counting. Almost 80% accounts on lemmy are now bots and it may end up being an very serious issue for lemmy platform once they become active.
Edit3: It's now 4th day of the attack and the amount of accounts on lemmy has almost reached 1 200 000. Almost 90% of total userbase are now bots.
Edit 3.1: my numbers are outdated, there are currently 1 700 000 accounts which makes it even worse: https://fedidb.org/software/lemmy
Yeah good point. I think these particular bot instances are being way too obvious to do any major damage - not when it's as simple as it is to defederate them - but what'll happen when it's not 100k bots on one instance, but 1000 instances with 100 bots apiece?
Let's hope Lemmy gets the tools needed to deal with this. I wonder how Mastodon does it? They've been around a while, I'm sure they've had similar issues.
It might not even be a case of 1000 instances. The nature of Lemmy is such that they could get around a defederation by simply firing up a new instance.
There's not much in the Lemmy toolkit that can deal with people firing up a brand new instance to spam with. You can defederate from them after the fact, but it doesn't stop them making a new one, and continuing.