An update on this, if anyones interested on whats going on.
The forums stance on SPAM has not changed.- It will not be tolerated and it will be immediately removed upon Identification.
- Accounts will be banned/deleted.
- All details of spammers are reported to the Stop Forum Spam database.
The ProblemOver the past 24 hours we've seen a huge increase in spam attempts. Mods and Admin have deleted/removed/stopped no less than 20 new accounts that have got through the normal filters. Much of yesterday was spent adding new filters and measures.. and of course the alertness of the mods for the ones that slipped through.
Forum logs indicate that the preventative measures that we have in place has halted an additional 162 attempts in their tracks since yesterday.
Is it just this forum?Today it has emerged that we are not the only ones, and many other technical forums are also experiencing what has been described elsewhere as a 'tidal wave' of forum spam attacks.
Much of the attacks have come from russia/latvia/ukraine and as a first stage banning IP ranges + blocks from these regions appeared to be having some success. However, the bots are now getting cleverer and using open proxies on IP ranges 'closer to home' which is meaning more manual intervention from the Admin/Mods.
Apparently several other forums spent yesterday also IP Block banning, and the consensus is that they were playing cat and mouse trying to keep up with it.
Why its HappeningIt would appear a new version of
XRumer has recently been released. This program has the ability to automatically:
- Defeat hotmail / gmails CAPTCHAs and create email addresses to be used to sign up for forums
- Defeat Forum CAPTCHAs and sign up a forum account
- Automatically post forum spam
- Ability to make use of Open proxy servers to avoid detection by any anti-spam IP blocks that may be on place in the forums.
What happens next?SMF (The makers of the software on which this forum runs) is alert to the problem.
Current suggestions are to mostly do what we have already been doing, and I will be looking around later today on installing some additional mods/hacks to see if these help.
SMF developers are also looking into this to see if they can assist and make an upgrade.. but at the moment this will take investigation into the spammers methods and time to implement code for a new release.
SMF is open source, and suggestions have been made to see if any developers can make mods that would say check the stop forum spam database, but again this would need to be implemented by someone with the time and ability to do so.