this post was submitted on 20 Jun 2023
346 points (99.1% liked)

Lemmy

2172 readers
22 users here now

Everything about Lemmy; bugs, gripes, praises, and advocacy.

For discussion about the lemmy.ml instance, go to [email protected].

founded 4 years ago
MODERATORS
[email protected]
346
PSA: Many Lemmy instances are currently experiencing massive automated sign-ups (bots)! If you run an instance with open sign-ups, please read! (lemm.ee)
submitted 2 years ago* (last edited 2 years ago) by [email protected] to c/[email protected]
74 comments fedilink hide all child comments
 

Today, a bunch of new instances appeared in the top of the user count list. It appears that these instances are all being bombarded by bot sign-ups.

For now, it seems that the bots are especially targeting instances that have:

  • Open sign-ups
  • No captcha
  • No e-mail verification

I have put together a spreadsheet of some of the most suspicious cases here.

If this is affecting you, I would highly recommend considering one of the following options:

  1. Close sign-ups entirely
  2. Only allow sign-ups with applications
  3. Enable e-mail verification + captcha for sign-ups

Additionally, I would recommend pre-emptively banning as many bot accounts as possible, before they start posting spam!

Please comment below if you have any questions or anything useful to add.

Update: on lemm.ee, I have defederated the most suspicious spambot-infested instances.

To clarify: this means small instances with an unnaturally fast explosion in user counts over the past day and very little organic activity. I plan to federate again if any of these instances get cleaned up. I have heard that other instances are planning (or already doing) this as well.

It's not a decision I took lightly, but I think protecting users from spam is a very important task for admins. Full info here: https://lemm.ee/post/197715

If you're an admin of an instance that's defederated from lemm.ee but wish to DM me, you can find me on Matrix: @sunaurus:matrix.org

(page 2) 19 comments
sorted by: hot top controversial new old
[–] JesusTheCarpenter 2 points 2 years ago (2 children)

Just out of curiousity, I am always wondering who is making, using these bots and for what purpose?

[–] TechnoBabble 2 points 2 years ago

Mostly scammers and extra-unscrupulous advertisers.

Maybe some trolls here and there.

[–] axzxc1236 1 points 2 years ago

Something like: news article about politician A downvote to -50, news article about politician B upvote to 70, people are more likely to click on the article about politician B and skip over politician A's article.

[–] [email protected] 2 points 2 years ago* (last edited 2 years ago) (1 children)

Looks like my instance got hit with a bot. I had email verification enabled but had missed turning on captcha (captcha enable should be up with enabling email verification settings). The bot used fake emails so none of the accounts are verified, but still goes towards account numbers. Is there really any good way to clean this up? Need a way to purge unverified accounts or something.

[–] [email protected] 1 points 2 years ago (1 children)

How comfortable are you with SQL? You can see all unused verifications in the email_verification table. You should be able to just delete those users from local_user, and then update your user count with the new count of the local_user table in site_aggregates.user (where site_id = 1)

load more comments (1 replies)
[–] [email protected] 1 points 2 years ago

had to create an account to post since my comments from sffa.community and kbin.social weren't showing up.

I'm an admin over at sffa.community. We did notice the bot wave. They never got past email verification. We hve since implemented CAPTCHA and have purged the bots from our database.

You can see we are down to organic users. We've only been officially open for a couple weeks so we're still working on content but we are safe to federate with again, if you'd like.

load more comments
view more: ‹ prev next ›