Spam bot attack

admin

Village Hero
Staff member
#1
In the past two days the site has suffered several attacks from spam bots. It seems like the bots discovered a way to solve the existing text in image captcha which we were using before. Upgrading to google's reCAPTCHA (https://www.google.com/recaptcha/intro/android.html) kept them at bay.

Why not block the source ip?
It was impossible to block the bot's ips since they were randomized and didn't follow any noticeable pattern.

What if they solve reCAPTCHA?
ReCAPTCHA has been performing well at it's purpose and there are few reports of it being bypassed.
 

Grundy

Village Sponsor
#12
In the past two days the site has suffered several attacks from spam bots. It seems like the bots discovered a way to solve the existing text in image captcha which we were using before. Upgrading to google's reCAPTCHA (https://www.google.com/recaptcha/intro/android.html) kept them at bay.

Why not block the source ip?
It was impossible to block the bot's ips since they were randomized and didn't follow any noticeable pattern.

What if they solve reCAPTCHA?
ReCAPTCHA has been performing well at it's purpose and there are few reports of it being bypassed.
Admin, you should do a thorough root cause analysis of the incident and put in place controls to prevent such attacks in the future and you should also enhance the security of this forum to protect the website and the villagers.

I have gotten this from the internet, hope it helps.
- ensure they use GD (truetype) fonts
- block the most common abused email domains used by the automated spammers (this is a bit older now)
@5crafts.com @cashette.com .info .ru @web.de @gaweb.com @gawab.com

That will block most of the automated spammers.

The problem is spammers are starting out 'outsource' capcha recognition. They get the capcha... post it to some webpage.. like a porn site.. a human enters the result.. its sent back to the bot.. and the bot registers. There is also the manual way, but this is how they are defeating them large scale now. They also will use more common domains like yahoo.com now for email.

You can't block them fully - but you can cut them way back by adding unexpected questions to your registration. There are simple mods you can add to vb that will add a simple question like 'what is 1+3' to your forum registration. Since its unique to your site, the mass volume spammers will not be able to answer it and won't register.

https://www.vbulletin.com/forum/for...4-how-do-i-prevent-spam-bots-from-registering
 
#13
Admin, you should do a thorough root cause analysis of the incident and put in place controls to prevent such attacks in the future and you should also enhance the security of this forum to protect the website and the villagers.

I have gotten this from the internet, hope it helps.
- ensure they use GD (truetype) fonts
- block the most common abused email domains used by the automated spammers (this is a bit older now)
@5crafts.com @cashette.com .info .ru @web.de @gaweb.com @gawab.com

That will block most of the automated spammers.

The problem is spammers are starting out 'outsource' capcha recognition. They get the capcha... post it to some webpage.. like a porn site.. a human enters the result.. its sent back to the bot.. and the bot registers. There is also the manual way, but this is how they are defeating them large scale now. They also will use more common domains like yahoo.com now for email.

You can't block them fully - but you can cut them way back by adding unexpected questions to your registration. There are simple mods you can add to vb that will add a simple question like 'what is 1+3' to your forum registration. Since its unique to your site, the mass volume spammers will not be able to answer it and won't register.

https://www.vbulletin.com/forum/for...4-how-do-i-prevent-spam-bots-from-registering
Sadly you are doing their job ....Hebu wape paybilll watume kakitu
 
T

TerribleWaste

Guest
#16
Hehe watume kakitu January imekuwa moto....on a serious note, hii website ikipata malware zianze kuaffect our phones and laptops inaweza kuwa a big problem so they should be very proactive with security issues.
Unfortunately the info you provided is valueless.
@Deorro has a superior spam blocking technique that might or might not involve pressing a huge button labelled Spam Stopper. He was back in bed in five.
 

Top