drewdevault,

The massive rise in fraud, spam, DoS attacks, and malicious traffic generally across the entire internet in 2024 alone is of such a scale and variety that I cannot help but wonder if there is a nation state behind it

Reply to this thread with references to incidents in 2024 that you know of. I have: fediverse spam, sourcehut DDoS and spam, codeberg DDoS and spam, spam on gitea/forgejo instances generally, and the latest malware flood on GitHub. What else is going on?

computersandblues,

@drewdevault Hit a new case: at $work we're running quite a large MediaWiki. Every once in a while resource usage spiked drastically. Today I was able to inspect the log, and it looks like a scraper is identifying with a range of different user agent headers (both browser headers and different bot headers, like ByteDance / Amazonbot / GPTBot / …). It uses different IP addresses from Google's address space and doesn't care if it brings down the wiki repeatedly.

smlx,

@drewdevault I've seen several pieces of research regarding massive new botnets.
E.g. https://www.bitsight.com/blog/hunting-privateloader-malware-behind-installskey-ppi-service

Plus with cryptocurrency prices spiking and several national elections this year I guess there's more financial and political incentive to spread malware.

sb,

@drewdevault In the past few months the amount of sea lioning on Mastodon seems to have gone way up. At least, the comment sections I read often get infested with aggressive and needlessly contrarian bots. Some pretty obvious brigading too.

Hardly saw it at all 6 months ago, now I see it regularly.

drewdevault,

@sb bots? sea lioning? or are you just annoyed with human beings being dicks

ParadeGrotesque,

@drewdevault

I keep some tabs on ssh brute forcing, and there is a massive increase recently.

We are talking 200+ new machines blocked every day, when a normal day used to be a couple of new machines at worst.

Also: geographical location, brute force robots used to be mostly Asia based (China, Korea, some Vietnam). Today, it's all over the place, and much more aggressive as well, with hundreds of tries from the same machine.

Someone may be trying very hard to build a botnet.
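One way to keep the kind of tabs on ssh brute forcing that the post above describes, as an added example and not code from anyone in the thread: parse sshd failed-password lines, flag sources with many tries from the same machine, and count how many source addresses are new each day. The log lines are constructed samples and the threshold is an assumption.

```python
import re
from collections import defaultdict

# Constructed sample sshd log lines (not real data; documentation-range IPs).
SAMPLE_LOG = """\
Mar 01 02:10:01 host sshd[1201]: Failed password for root from 198.51.100.7 port 51022 ssh2
Mar 01 02:10:03 host sshd[1202]: Failed password for invalid user admin from 198.51.100.7 port 51030 ssh2
Mar 01 02:10:05 host sshd[1203]: Failed password for root from 198.51.100.7 port 51041 ssh2
Mar 01 02:10:06 host sshd[1204]: Failed password for root from 198.51.100.7 port 51042 ssh2
Mar 01 09:30:00 host sshd[1300]: Accepted publickey for alice from 192.0.2.10 port 40000 ssh2
Mar 01 11:00:00 host sshd[1310]: Failed password for invalid user oracle from 203.0.113.9 port 43300 ssh2
Mar 02 03:00:00 host sshd[1400]: Failed password for root from 203.0.113.9 port 43311 ssh2
Mar 02 03:00:01 host sshd[1401]: Failed password for root from 203.0.113.44 port 50001 ssh2
Mar 02 03:00:02 host sshd[1402]: Failed password for root from 203.0.113.44 port 50002 ssh2
Mar 02 03:00:03 host sshd[1403]: Failed password for root from 203.0.113.44 port 50003 ssh2
Mar 02 03:00:04 host sshd[1404]: Failed password for root from 203.0.113.44 port 50004 ssh2
"""

# Matches the syslog-style "Failed password" line; "invalid user" is optional.
FAILED_RE = re.compile(
    r"^(?P<day>\w{3} \d{2}) \S+ \S+ sshd\[\d+\]: Failed password for "
    r"(?:invalid user )?\S+ from (?P<ip>[\d.]+) port \d+"
)

def failed_logins(log_text):
    """Yield (day, source_ip) for every failed-password line; other lines are ignored."""
    for line in log_text.splitlines():
        m = FAILED_RE.match(line)
        if m:
            yield m.group("day"), m.group("ip")

def summarize(log_text, threshold=4):
    """Per day: source IPs not seen on any earlier day, and IPs with at least
    `threshold` failures (assumed cutoff for a brute-force candidate)."""
    attempts = defaultdict(lambda: defaultdict(int))  # day -> ip -> failures
    for day, ip in failed_logins(log_text):
        attempts[day][ip] += 1
    seen = set()
    report = {}
    for day in attempts:  # dict keeps insertion order; the log is chronological
        ips = attempts[day]
        new_ips = sorted(set(ips) - seen)
        seen.update(ips)
        report[day] = {
            "new_sources": new_ips,
            "brute_force": sorted(ip for ip, n in ips.items() if n >= threshold),
        }
    return report

if __name__ == "__main__":
    print(summarize(SAMPLE_LOG))
```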

mraerino,

@drewdevault definitely seeing a rise in abuse and spam at $unnamedHostingProvider

lanodan,

@drewdevault AFAIK the fedi spam was just script kiddies (which isn't surprising, as both Mastodon and Misskey have essentially no spam filtering and instances have open registration by default).

drewdevault,

@lanodan right, but there's also a bunch of incidents with spam on SourceHut, GitHub, Codeberg, and other forge service providers that I keep regular contact with -- we're all seeing it, some patterns shared, others not

lanodan,

@drewdevault Yeah, I'm only speaking about the fedi one; the forge spam on the other hand seems pretty weird, especially as GitHub likely isn't at its first spam wave.

Polychrome,

@lanodan @drewdevault apparently the trigger was two Japanese script kiddies having a fight on Misskey and one of them decided the appropriate response was to DDoS the entire network.

lanodan,

@drewdevault @Polychrome Was pretty public on their forum, maybe still is.

See https://fedi.fyralabs.com/notes/9psdqurvye

drewdevault,

@lanodan yeah, the waves come and go, but there is a big increase in spam over the past 6-12 months. Like nothing I've ever seen before.

calm_bomb,

@drewdevault Just one? I guess it's more than two for sure! It will be interesting to see what happens with all the elections this year.

drewdevault,

@calm_bomb well, what I'm speculating on is that all of these apparently disparate cases of malicious traffic may be coming from one actor
