On February 15th, newly-created Fediverse accounts started posting spam messages from various instances, sending invites to a Discord server for a Japanese troll organization. This spam was widespread across the Fediverse. The posts frame ap12 from “KuronekoServer” as the culprit behind the operation.  Looking at their spam content (in Japanese)

A really interesting look at the recent spam wave.

  • amio@kbin.social
    15·
    4 months ago

    amex2189 disappears(?) after 72 hours, possibly because of:

    • Parents being notified of this event, and confiscating his devices.

    Kek.

  • Otter@lemmy.caEnglish
    12·
    4 months ago

    The takeaways are great

    I haven’t read it all yet, but I noticed a bit about pressing charges.

    With decentralized social media, currently there is not a risk of some big social media company coming after you when you cause damages. It doesn’t have to stay that way though.

    What might coordinated legal action look like for the fediverse? They caused a LOT of harm to a lot of people, even if we’re just looking at server costs and time spent by volunteers to clean up the mess.

    • mosiacmango@lemm.eeEnglish
      9·
      4 months ago

      A first step is RBL intergration, a shared blocklist of spam instances that subscribed instances would use to blackhole spam users/traffic/instances. These are used ubiquitously in email spam systems, so there is a precedent in federation systems for it working. We need to stand up an RBL, and then mod Lemmys federation system to work automatically based on the community blocklist.

      It does mean that poorly admined instances will get blackholed, breaking their federation, but that’s the cost of a healthy network.

      • Unforeseen@sh.itjust.worksEnglish
        3·
        4 months ago

        This is how email servers have worked for decades - there is no silver bullet and this comes closest. If you poorly admin your email instance, say allowing it to be an open relay (same as just allowing open registrations), you get blacklisted everywhere aka defederated. Same if you have a compromise and someone starts spamming out.

  • nutsack@lemmy.worldEnglish
    4·
    4 months ago

    how did it take this long to get spam on the fediverse it’s basically an open canvas for wet crap

    • The Nexus of Privacy@lemmy.blahaj.zoneOPEnglish
      3·
      4 months ago

      There have been other waves, it’s just that once they get shut down everybody loses interest and moves on. The PR for the one of the changes Mastodon just made was implemented in May 2023 after the Doge spam wave. And here’s a June 2019 post talking about exactly the same kind of attack: “The problem we are experiencing is the spammer signing up on random open instances and sending spam remotely.”