recent spambots

Temporary forum to obtain support while phpBB.com is offline.
Please use the support forum on phpBB.com
Forum rules
Temporary forum to obtain support while phpBB.com is offline.
Please use the support forum on phpBB.com
tucsondrivers
Registered User
Posts: 5
Joined: Sun Mar 11, 2007 7:01 pm

recent spambots

Post by tucsondrivers » Tue Feb 03, 2009 1:23 am

hi all, I know spam bots is nothing new -- but just wondering if anyone has noticed spam bots hitting their forum, coincidentally after the recent phpBB attacks?
Only started happening today, so I'm not sure if it has to do with the recent issues... Just thought I'd let you guys know, and get some feedback!

Gonna have to start banning .ru emails (that's where most of 'em are coming from :D) or re-enabling forced e-mail activation.

User avatar
A_Jelly_Doughnut
Registered User
Posts: 1780
Joined: Wed Jun 04, 2003 4:23 pm

Re: recent spambots

Post by A_Jelly_Doughnut » Tue Feb 03, 2009 2:08 am

Only started happening today, so I'm not sure if it has to do with the recent issues... Just thought I'd let you guys know, and get some feedback!
We started seeing reports about this a week or two ago, so the incidents are unrelated.
A_Jelly_Doughnut

Gideon5L2F
Registered User
Posts: 39
Joined: Thu Mar 02, 2006 7:30 pm

Re: recent spambots

Post by Gideon5L2F » Tue Feb 03, 2009 6:45 am

Latest batch of spam registrations. All in the last two days and usually with phony gmail addresses.

plarlyNeame, Authemiimmuri, OxiprorgO, Relaideax, Tymnsoocomo, GeriWrefe, Laxqueuew, AntalawUnpalE

It seems that the spam bots :twisted: have cracked the Olympus registration protection.

Gideon

Daworm
Registered User
Posts: 10
Joined: Mon Jan 08, 2007 4:51 am

Re: recent spambots

Post by Daworm » Tue Feb 03, 2009 7:36 am

The ironic thing is... I didn't get no spam bots at all until I updated to 3.0.4 from 3.0.2. I reckon, within 6 hours of updating the spam bots started successfully getting through.

I don't know what was done, but while people were reporting it up to as recent as 2 weeks ago it first started, I personally never had it even then until 3.0.4 was setup. I even increased the captcha complexity... didn't help, so if Olympus Captcha is finally cracked (was only a matter of time really) what's the best way to go from here other than monitoring for spam posts? As we do have guest postings on my forums, prior to having them register.

ukjim
Registered User
Posts: 7
Joined: Fri Jul 11, 2008 11:26 am

Re: recent spambots

Post by ukjim » Tue Feb 03, 2009 11:15 am

Daworm wrote:The ironic thing is... I didn't get no spam bots at all until I updated to 3.0.4 from 3.0.2. I reckon, within 6 hours of updating the spam bots started successfully getting through.
I would agree with this idea. I've not had any spam registrations atall under 3.0.2, and have been meaning to upgrade for quite a while.
Only last Friday did I upgrade from 3.0.2 to 3.0.4, and now I'm getting spam registrations, and was wondering why the CAPTCHA was not preventing them!

User avatar
ChrisRLG
Registered User
Posts: 160
Joined: Wed Oct 11, 2006 9:47 am
Contact:

Re: recent spambots

Post by ChrisRLG » Tue Feb 03, 2009 11:41 am

It has been noted that changing the noise level to both the foreground and background of the CAPTCHA is holding them off.

They are probably only breaking the default noise levels.

Do note that changing those levels can make it harder for humans too, so it is a trade off.

One other option, in the KB's is an article where you can use the custom profile fields as an anti-spammer system.
A copy of the KB is here for while phpBB.com is down.

User avatar
James N
Posts: 143
Joined: Thu Jun 29, 2006 7:35 pm

Re: recent spambots

Post by James N » Tue Feb 03, 2009 11:48 am

... or you could install primes Anti spam MOD I have uploaded it here http://mronion.me.uk/Prime_Anti-bot.zip

User avatar
ChrisRLG
Registered User
Posts: 160
Joined: Wed Oct 11, 2006 9:47 am
Contact:

Re: recent spambots

Post by ChrisRLG » Tue Feb 03, 2009 12:11 pm

Another option is to do what we have done at both phpBB.com and here at area51, use the moderation for xx posts after a member is activated.

Just that first post needing to be accepted by a moderator is enough to catch the spammers.

User avatar
CTCNetwork
Registered User
Posts: 65
Joined: Thu Mar 18, 2004 9:41 pm
Location: Nottingham
Contact:

Re: recent spambots

Post by CTCNetwork » Tue Feb 03, 2009 1:37 pm

Hi,

Might be worth noting that a number of spammer type registrations register on forums and never bother to return following registration. Not sure that this may be because I have Admin activation/validation turned on, but I get quite a few accounts created which look real enough (Ok IP address for registration, ok email address etc) but never visit once validated/activated...

That they don't revisit maybe a good thing, but if that is the case and they activate their account and never visit, you'll not catch them with the post moderation technique..

Maybe they are preparing the ground for future attacks or other badness.. One wonders...

Des. . . ;)
Density:- Not just a measurement~Its a whole way of Life.! ! !
Uninvited PM's are Deleted. Uninvited IM's - You get a warning - and get blocked. Capiche?

User avatar
ChrisRLG
Registered User
Posts: 160
Joined: Wed Oct 11, 2006 9:47 am
Contact:

Re: recent spambots

Post by ChrisRLG » Tue Feb 03, 2009 2:01 pm

Remember you can prune the membership with different settings, such as over 3 months with zero posts.

If you feel a member who registers and never posts in the first week is never going to return, you could just prune all those away.

Locked