Social networks are constantly battling inauthentic bot accounts that send direct messages to users promoting scam cryptocurrency investment platforms. What follows is an interview with a Russian hacker responsible for a series of aggressive crypto spam campaigns that recently prompted several large Mastodon communities to temporarily halt new registrations. According to the hacker, their spam software has been in private use until the last few weeks, when it was released as open source code.

Renaud Chaput is a freelance programmer working on modernizing and scaling the Mastodon project infrastructure, including mastodon.online and mastodon.social. Chaput said that on May 4, 2023, someone unleashed a spam torrent targeting users on these Mastodon communities via “private mentions,” a kind of direct messaging on the platform.

The messages said recipients had earned an investment credit at a cryptocurrency trading platform called moonxtrade[.]com. Chaput said the spammers used more than 1,500 Internet addresses across 400 providers to register new accounts, which then followed popular accounts on Mastodon and sent private mentions to the followers of those accounts.

Since then, the same spammers have used this method to advertise more than 100 different crypto investment-themed domains. Chaput said that at one point this month the volume of bot accounts being registered for the crypto spam campaign started overwhelming the servers that handle new signups at Mastodon.social.

“We suddenly went from like three registrations per minute to 900 a minute,” Chaput said. “There was nothing in the Mastodon software to detect that activity, and the protocol is not designed to handle this.”

One of the crypto investment scam messages promoted in the spam campaigns on Mastodon this month.

Seeking to gain a temporary handle on the spam wave, Chaput said he briefly disabled new account registrations on mastodon.social and mastodon.online. Shortly after that, those same servers came under a sustained distributed denial-of-service (DDoS) attack.

Chaput said whoever was behind the DDoS was definitely not using point-and-click DDoS tools, like a booter or stresser service.

“This was three hours non-stop, 200,000 to 400,000 requests per second,” Chaput said of the DDoS. “At first, they were targeting one path, and when we blocked that they started to randomize things. Over three hours the attack evolved several times.”

Chaput says the spam waves have died down since they retrofitted mastodon.social with a CAPTCHA, those squiggly letter and number combinations designed to stymie automated account creation tools. But he’s worried that other Mastodon instances may not be as well-staffed and might be easy prey for these spammers.

“We don’t know if this is the work of one person, or if this is software or services being sold to others,” Chaput told KrebsOnSecurity.
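The registration spike Chaput describes (roughly three signups a minute jumping to 900, spread over more than 1,500 addresses at 400 providers) is the case where per-IP throttling stays silent and only the aggregate signup rate gives the campaign away. The following is an added example, not code from Mastodon or from anyone quoted in the article: it flags any minute whose signup count exceeds a multiple of the normal baseline and reports how widely the burst is spread across addresses and providers. The log line format and the sample events are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed log format (not Mastodon's own): "<ISO timestamp> signup ip=<addr> asn=<provider> user=<name>"
LINE_RE = re.compile(
    r"^(?P<minute>\d{4}-\d{2}-\d{2}T\d{2}:\d{2}):\d{2}Z signup ip=(?P<ip>\S+) asn=(?P<asn>\S+)"
)


def parse_signups(lines):
    """Yield (minute, ip, asn) for each well-formed signup line; skip anything else."""
    for line in lines:
        m = LINE_RE.match(line)
        if m:
            yield m.group("minute"), m.group("ip"), m.group("asn")


def detect_bursts(lines, baseline_per_min=3, spike_factor=10):
    """Return one alert per minute whose signup count exceeds spike_factor x baseline.

    Each alert carries distinct-address and distinct-provider counts, so an analyst
    can see whether a per-IP limit would have helped (few addresses, many signups
    each) or whether the burst was distributed and only the aggregate rate reveals it.
    """
    buckets = defaultdict(lambda: {"count": 0, "ips": set(), "asns": set()})
    for minute, ip, asn in parse_signups(lines):
        b = buckets[minute]
        b["count"] += 1
        b["ips"].add(ip)
        b["asns"].add(asn)
    threshold = baseline_per_min * spike_factor
    alerts = []
    for minute in sorted(buckets):
        b = buckets[minute]
        if b["count"] > threshold:
            alerts.append({
                "minute": minute,
                "signups": b["count"],
                "distinct_ips": len(b["ips"]),
                "distinct_providers": len(b["asns"]),
                "signups_per_ip": round(b["count"] / len(b["ips"]), 2),
            })
    return alerts


# Constructed sample: a quiet minute with 3 signups, then a minute with 60 signups
# from 60 different addresses across 20 providers (no single address stands out).
SAMPLE_LOG = [
    f"2023-05-04T10:00:{i * 20:02d}Z signup ip=198.51.100.{i + 1} asn=AS64496 user=u{i}"
    for i in range(3)
] + [
    f"2023-05-04T10:01:{i:02d}Z signup ip=203.0.113.{i + 1} asn=AS{64500 + i % 20} user=b{i}"
    for i in range(60)
]

if __name__ == "__main__":
    for alert in detect_bursts(SAMPLE_LOG):
        print(alert)
```

A low `signups_per_ip` on an alerted minute is the signal that address-based limits will not cut it and a registration-level control such as the CAPTCHA Chaput added is needed.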