SPAM Wave Update - November 4th

spamjahy-1024x564.jpg
Ah s**t! Here we go again.
In the second time in a month, the same troll group has decided to SPAM the Fediverse around midnight last night. This time, the troll group used QR codes. You shouldn't scan the QR code, but decoding it leads to a Discord link to a familar Japanese trolling group, called the Arashi Kyoueiken (荒らし共栄圏, lit: Troll Prosperity Sphere). It started around midnight at 12 AM EST, which affected about 18 servers, about 6 servers are still sending SPAM. Most of the servers that are sending SPAM are limited with media rejected on our Mastodon and temporarily suspended on Sakurajima Social (suspensions do not break relations, unless the button is pressed to do so).

This is happening because of abandoned instances, and some active instances, that didn't block temporary emails, which are ripe for abuse. Now that Misskey started implementing the registration kill switch if an admin/mod is not seen for 7 days, it will turn off registrations.

Thankfully, in 6 hours after the SPAM attacks happened, there is a solution, at least for Mastodon to deal with rejecting posts with QR code that will be implemented soon.

Hoshino Aiko (星野愛子・あいたん) 🌸 (@sakurajima@sakurajima.moe)

The Mastodon Vanilla Anti-Spam Tools fork has a new branch called stable-4.3-mediarejectpatterns. This branch contains the ability to also reject text that contain QR codes with a patch noellabo came up today to include QR content checking against the reject pattern in addition to checking the...
sakurajima.moe sakurajima.moe

Update: Reject Patterns for QR patterns are now implemented, and it will reject all the QR codes that contain the URL shortner used in the QR code.

This should be a wakeup call that simply having a registration kill switch is not enough, but there needs to be more tools to deal with SPAM. Enough kicking the can down the road.
 
Last edited:
Click to expand...
chikorita157
Kimby said:
I thought that the script kiddies were punished...
Thanks for the hard work moderating this wave
Click to expand...

Sadly no, but this one is a bit harder to deal with. Misskey doesn’t have a solution yet to check QR code contents, but at least there is a solution made today for Mastodon, so I guess that made the job easier on that side.
 
You must log in or register to reply here.
Top