this post was submitted on 24 Mar 2024
102 points (98.1% liked)

Lemmy

12548 readers
12 users here now

Everything about Lemmy; bugs, gripes, praises, and advocacy.

For discussion about the lemmy.ml instance, go to !meta@lemmy.ml.

founded 4 years ago
MODERATORS
nutomic@lemmy.ml
102
Comment spam attacks in multiple /c's by Thuleanxxx (lemmy.ml)
submitted 8 months ago* (last edited 7 months ago) by zabadoh@lemmy.ml to c/lemmy@lemmy.ml
24 comments fedilink hide all child comments
 

There have been a number of comment spam attacks in various posts in a couple of /c's that I follow by a user/individual who uses account names like Thulean*

For example: ThuleanSneed@lemmy.tf in !coffee@lemmy.world

and ThuleanPerspective2@eviltoast.org in !anime@ani.social

edit: Also ThuleanSneed@startrek.website in !startrek@startrek.website

The posts have been removed or deleted by the respective /c's mods, and the offending accounts banned, but you can see the traces of them in those /c's modlogs.

The comments consist of an all-caps string of words with profanities, and Simpsons memes.

An attack on a post may consist of several repeated or similar looking comments.

This looks like a bored teenager prank, but it may also be an organization testing Lemmy's systemic and collective defenses and ability to respond against spam and bot posts.

you are viewing a single comment's thread
view the rest of the comments
[–] lemann@lemmy.dbzer0.com 30 points 8 months ago (8 children)

A per-user rate limit of some sort could have reduced the attack surface I think? Something like that would be quite a bit of dev work to implement though...

At least the situation was promptly resolved and users nuked, although R.I.P. to any smaller Lemmy servers that went down due to the massive spam wave

[–] Atemu@lemmy.ml 2 points 7 months ago (1 children)

This wouldn't really solve the issue as the user could rather simply create as many accounts as they like to circumvent per-account limits.

[–] sugar_in_your_tea@sh.itjust.works 3 points 7 months ago* (last edited 7 months ago) (1 children)

That takes more effort though, especially if accounts require some kind of "not a robot" thing, like email verification, submitting an "essay," etc. I'm not a fan of that and think a different moderation system would be preferred (prefer to not go into details here), but it's easy and should be quite helpful.

It's not a "fix," more of a mitigation.

[–] haui_lemmy@lemmy.giftedmc.com 2 points 7 months ago

Typical mistake by the comment above yours: anti theft of anti break-in measures dont make it impossible to break in, they just make it harder and more time consuming. You dont need to outrun the bear, you just need to outrun the person next to you.

So this absolutely is a great idea.

load more comments (6 replies)