Here you can see 2 day old post warning about the danger of not using email/captcha verification: https://lemmy.ml/post/1345031

And here are stats of lemmy platform where it shows that we gained 200 000 lemmy users in 2 days: https://lemmy.fediverse.observer/dailystats

Another tracking site with the same explosion in users: https://the-federation.info/platform/73

What do you think? Is it some sort of a bug or do people run bot farms?

Edit2: It’s been now 3 days and we went from 150 000 user accounts 3 days ago to 700 000 user accounts today making it 550 000+ bot accounts and counting. Almost 80% accounts on lemmy are now bots and it may end up being an very serious issue for lemmy platform once they become active.

Edit3: It’s now 4th day of the attack and the amount of accounts on lemmy has almost reached 1 200 000. Almost 90% of total userbase are now bots.

Edit 3.1: my numbers are outdated, there are currently 1 700 000 accounts which makes it even worse: https://fedidb.org/software/lemmy

  • Teppic@kbin.social
    link
    fedilink
    arrow-up
    0
    ·
    1 year ago

    It seems almost certain that there are farms creating these accounts - but why? The sheer volume of them is going to make them easy to identify and delete, and if the admins of the instances don’t delete them the instances will be defederated in short order.
    I fail to see any value to having 1 million+ bot accounts. What are we missing?

    • dandb@kbin.social
      link
      fedilink
      arrow-up
      2
      ·
      1 year ago

      I dunno, between no rate limiting and no bot mitigation, you could create them pretty fast with a single machine running parallel requests.

      • Teppic@kbin.social
        link
        fedilink
        arrow-up
        1
        arrow-down
        1
        ·
        1 year ago

        But the question “why” strands. 200 upvotes will get you on the front page at the moment. Why not stop there, why make your bot accounts so conspicuous that they are basically garenteed to get deleted?

        • socsa@lemmy.ml
          link
          fedilink
          arrow-up
          1
          ·
          1 year ago

          Because it’s easy. Someone is just testing some basic tools, to which they can add countermeasures later.

    • Kichae@kbin.social
      link
      fedilink
      arrow-up
      1
      ·
      1 year ago

      Testing, I’d guess. Experimenting with hardware configurations, software configurations, bot configurations. Testing rate limits, looking for exploits, etc.

      We can tell when they pile 1 million bots onto 5 servers all at once. Will we tell when they pile 100,000 across 10 servers over the span of a month?

      • Teppic@kbin.social
        link
        fedilink
        arrow-up
        1
        arrow-down
        1
        ·
        1 year ago

        They’ve just spoon fed us the data to help us identify them, and given us incentive to do so too. It just seems counter productive.

        • Kichae@kbin.social
          link
          fedilink
          arrow-up
          2
          ·
          1 year ago

          They’ve just spoon-fed us the data to help us identify a very particular type of attack. They don’t need to use that type. They just need to know the ins and outs of the software.

          • Martineski@lemmy.fmhy.mlOP
            link
            fedilink
            arrow-up
            1
            ·
            edit-2
            1 year ago

            The attack started after someone made a post waring about how easy it is to do so they are not losing anything here.