this post was submitted on 24 Mar 2024
102 points (98.1% liked)

Lemmy

12443 readers
74 users here now

Everything about Lemmy; bugs, gripes, praises, and advocacy.

For discussion about the lemmy.ml instance, go to !meta@lemmy.ml.

founded 4 years ago
MODERATORS
nutomic@lemmy.ml
102
Comment spam attacks in multiple /c's by Thuleanxxx (lemmy.ml)
submitted 5 months ago* (last edited 5 months ago) by zabadoh@lemmy.ml to c/lemmy@lemmy.ml
24 comments fedilink hide all child comments
 

There have been a number of comment spam attacks in various posts in a couple of /c's that I follow by a user/individual who uses account names like Thulean*

For example: ThuleanSneed@lemmy.tf in !coffee@lemmy.world

and ThuleanPerspective2@eviltoast.org in !anime@ani.social

edit: Also ThuleanSneed@startrek.website in !startrek@startrek.website

The posts have been removed or deleted by the respective /c's mods, and the offending accounts banned, but you can see the traces of them in those /c's modlogs.

The comments consist of an all-caps string of words with profanities, and Simpsons memes.

An attack on a post may consist of several repeated or similar looking comments.

This looks like a bored teenager prank, but it may also be an organization testing Lemmy's systemic and collective defenses and ability to respond against spam and bot posts.

you are viewing a single comment's thread
view the rest of the comments
[–] SheeEttin@programming.dev 4 points 5 months ago (2 children)

A lot of this stems from instances running old versions with loose registration requirements, like no captcha. This is a problem in a federated system because there's no barrier for a banned user to just jump to another instance.

Perhaps it would be a good idea if, when Lemmy has anti-spam measures implemented like rate-limiting and captchas for registration, it disabled federation with instances that are at a lower version, to motivate small instances to upgrade and enable the new features.

[–] Quill0@lemmy.digitalfall.net 3 points 5 months ago (1 children)

What I really want to see is the ability to set a threshold for a server to reach before it will federate.

Example: you have a server, you don't allow others to federate unless those servers force captcha or approval of user registration

[–] nutomic@lemmy.ml 2 points 5 months ago

The problem is that a server could very easily lie and claim to have captchas when it really doesnt.