112

~~Almost~~ OVER 90% of the accounts on lemmy are now bot accounts!! (lemmy.fmhy.ml)

submitted 2 years ago* (last edited 2 years ago) by [email protected] to c/[email protected]

180 comments fedilink hide all child comments

Here you can see 2 day old post warning about the danger of not using email/captcha verification: https://lemmy.ml/post/1345031

And here are stats of lemmy platform where it shows that we gained 200 000 lemmy users in 2 days: https://lemmy.fediverse.observer/dailystats

Another tracking site with the same explosion in users: https://the-federation.info/platform/73

What do you think? Is it some sort of a bug or do people run bot farms?

Edit2: It's been now 3 days and we went from 150 000 user accounts 3 days ago to 700 000 user accounts today making it 550 000+ bot accounts and counting. Almost 80% accounts on lemmy are now bots and it may end up being an very serious issue for lemmy platform once they become active.

Edit3: It's now 4th day of the attack and the amount of accounts on lemmy has almost reached 1 200 000. Almost 90% of total userbase are now bots.

Edit 3.1: my numbers are outdated, there are currently 1 700 000 accounts which makes it even worse: https://fedidb.org/software/lemmy

you are viewing a single comment's thread
view the rest of the comments

[-] [email protected] 0 points 2 years ago

It seems almost certain that there are farms creating these accounts - but why? The sheer volume of them is going to make them easy to identify and delete, and if the admins of the instances don't delete them the instances will be defederated in short order.
I fail to see any value to having 1 million+ bot accounts. What are we missing?

[-] [email protected] 2 points 2 years ago* (last edited 2 years ago)

Testing, I'd guess. Experimenting with hardware configurations, software configurations, bot configurations. Testing rate limits, looking for exploits, etc.

We can tell when they pile 1 million bots onto 5 servers all at once. Will we tell when they pile 100,000 across 10 servers over the span of a month?

[-] [email protected] 0 points 2 years ago

They've just spoon fed us the data to help us identify them, and given us incentive to do so too. It just seems counter productive.

[-] [email protected] 2 points 2 years ago

They've just spoon-fed us the data to help us identify a very particular type of attack. They don't need to use that type. They just need to know the ins and outs of the software.

[-] [email protected] 1 points 2 years ago

Is it a benign "attack" to point out the weakness to get enough attention that it gets fixed?

[-] [email protected] 1 points 2 years ago* (last edited 2 years ago)

The attack started after someone made a post waring about how easy it is to do so they are not losing anything here.

[-] [email protected] 2 points 2 years ago

I dunno, between no rate limiting and no bot mitigation, you could create them pretty fast with a single machine running parallel requests.

[-] [email protected] 0 points 2 years ago

But the question "why" strands. 200 upvotes will get you on the front page at the moment. Why not stop there, why make your bot accounts so conspicuous that they are basically garenteed to get deleted?

[-] [email protected] 2 points 2 years ago

Because it's easy. Someone is just testing some basic tools, to which they can add countermeasures later.

this post was submitted on 22 Jun 2023

112 points (88.4% liked)

Lemmy

13479 readers

4 users here now

Everything about Lemmy; bugs, gripes, praises, and advocacy.

For discussion about the lemmy.ml instance, go to [email protected].

founded 5 years ago

MODERATORS

[email protected]