Help!!! Spammers suddenly attacking all my SMF forums!!!!

Started by catfished, November 11, 2008, 12:35:46 AM

Previous topic - Next topic
Print
Go Down Pages 1 ... 4 5 6
User actions

H

#100
November 11, 2008, 04:02:47 PM
Quote
Unbelievable!!!!!!!!!!!!!!!!!!!

I have a couple of MyBB forums and they're several versions behind the latest stable one yet they are getting zero (0) spambot sign ups while all my SMF ones are getting hammered by this new major spambot attack. This is considered "problem solved"? Unbelievable!!!  Goodbye SMF, hello MyBB!!

To clarify, I had marked the topic as solved because at this time the solutions have already been posted as well as to remove the topic from our outstanding support queue (as there is nothing that can be suggested that hasn't been already).

As web software becomes more popular it becomes targetted more by spammers. The suggestion has been to increase moderation and install anti-spam mods.

CAPTCHA alone will never be enough to stop bots. If you can read it, someone will eventually enable the computer to do this too.
-H
Former Support Team Lead		                              I recommend:
Namecheap (domains)
Fastmail (e-mail)
Linode (VPS)
                             

Deprecated

#101
November 11, 2008, 04:04:25 PM
Saudi Arabia, Ukraine, Norway, Netherlands... The email addresses are meaningless. I recall from my administrating IPB boards and fighting spammers that the IP addresses and email addresses never match up except by accident.

So the Anti-Bot Registration Puzzles is another possible remedy, along with MC's reCAPTCHA and the Are You Human mod.

Costa

#102
November 11, 2008, 04:10:47 PM
Quote from: Deprecated
Saudi Arabia, Ukraine, Norway, Netherlands...
Yes, i note that too.

Quote from: Deprecated
So the Anti-Bot Registration Puzzles is another possible remedy, along with MC's reCAPTCHA and the Are You Human mod.
Indeed, In this moment I have the bots trying register, but they can't  ;)

* I don't need viagra, so i don't need this kind of spam :P

Farewell
- Costa
Hugo "Costa" Fernandes - PT SMF
Todas as MP's a pedir ajuda são sujeitas a radioactividade, microondas, queimadas e atiradas borda fora.
"At least someone appreciates the fact that I am doing and not thinking..."
"Laziness is counter-revolutionary."

buzinator

#103
November 11, 2008, 04:22:07 PM
1) Yes, 1.1.7.
2) Yes, was Medium.
3) Yes, spam accounts, no posts (not even by the spam accounts).

It's been silent since I set CAPTCHA to High and installed Are You Human.

Touti

#104
November 11, 2008, 04:24:54 PM
Quote from: Deprecated on November 11, 2008, 02:40:16 PM
1.) You are running SMF 1.1.5, 1.1.6 or 1.1.7, but NOT running 2.0
2.) You have the CAPTCHA enabled
3.) We are talking about spam accounts, NOT spam guest posts

Everybody agree with the above 3 points?

That's exactly my case, running 1.1.7, captcha enabled, user validation enabled (I changed it today to admin approval).

In less than 24 hours I had at least 6 or 7 accounts created, some posted, some "only" put links in their signature.

Muslickzz

#105
November 11, 2008, 04:33:53 PM
Easy Fix.. added Re-Captcha from earlier in the thread..

-Mus

Hunnenkoenig

#106
November 11, 2008, 05:15:01 PM
I upgraded yesterday to 1.1.7 and today I had about 30 spam registrations mainly with ru email adresses.

catfished

#107
November 11, 2008, 05:28:18 PM
Quote from: Hunnenkoenig on November 11, 2008, 05:15:01 PM
I upgraded yesterday to 1.1.7 and today I had about 30 spam registrations mainly with ru email adresses.

As previously stated, this has absolutely nothing to do with upgrading to 1.1.7, it's purely coincidental that the attacks started a couple of days after the 1.1.7 release. I started this thread yesterday and blamed it on the upgrade at that time but I was wrong, thanks to the mods for changing the title. It's a new spam attack that has evidently totally cracked the SMF Image Verification system.
You use and like this forum software? Then show your appreciation and support by becoming a Charter Member.



CatfishEd.com

Smoky "Rider" Blue

#108
November 11, 2008, 05:28:32 PM
Quote from: SmokyBlue on November 11, 2008, 01:46:11 PM
to help cut out a few spammers, try this:

admin>registration>set reserved names

then copy this and add to it as needed:

___________________________

Admin
Webmaster
Guest
root
.net                                     
.com
.info
.mobi
.us
.es
.ru
_________________________

hope this will help  ;)



and again i repeat myself  O:) :)
**Take the time to remember friendships and family.. Sometimes it's all we have, and missed very much**

wmcintosh

#109
November 11, 2008, 05:35:13 PM
I agree, it has nothing do with SMF in anyway shape or form.

Spammers are on a rampage thats all.

knut

#110
November 11, 2008, 05:35:54 PM
Hi all,
i have not upgraded to 1.1.7 ( i have 1.1.4.), but i have the same problem.
It began yesterday and today i found many new registered spam users - also a few where have posted spam.
Until yesterday, i have nothing problems with this.    :'( :-\ :(

HistoryHunter

#111
November 11, 2008, 05:52:28 PM
Yes, upgraded to 1.1.7 and been flooded with spam since. No spam before for maybe a year.

madfiddler

#113
November 11, 2008, 06:08:15 PM
I don't think it's 1.1.7 related. I'm on 1.1.5 and had an influx of spam from random gmail registrations.

青山 素子

#114
November 11, 2008, 06:17:02 PM
It isn't related to the upgrade other than perhaps all the press with our recent patch has alerted the "right" spammers to our existence and caused a coordinated spamming run.
Motoko-chan
Director, Simple Machines

Note: Unless otherwise stated, my posts are not representative of any official position or opinion of Simple Machines.

fullphaser

#115
November 11, 2008, 06:18:10 PM Last Edit: November 11, 2008, 06:20:43 PM by fullphaser
It looks like sometime within the last month, SMF was finally seen as a target, and the general captcha has been broken, its not so much 1.1.7 that has been compromised (I noticed this within the past 72 hours before and after the patch) as it is that SMF has finally become a target like the old PHPbb 2.x boards. As such, unless a drastic change is made for 1.x boards to the captcha system, I can only assume that the attacks will continue. (I don't have enough data on any 2.xb boards to make a conclusion) 

Bots have now been designed to seek out, and compromise the registration system for SMF type boards.

青山 素子

#116
November 11, 2008, 06:28:30 PM
Remember that image verification isn't a complete solution. Any system that humans can come up with for automated human verification that is generated by computers will eventually be passed by the same. (It's awfully difficult to make a good verification image with just gd.)

I'd recommend looking at the reCAPTCHA mod and pairing it with one of the many anti-bot modifications developed. Or you can just add one of the anti-bot mods. Either way, changing from the SMF default registration system will break the automated process.
Motoko-chan
Director, Simple Machines

Note: Unless otherwise stated, my posts are not representative of any official position or opinion of Simple Machines.

Capn Davey

#117
November 11, 2008, 06:38:40 PM
I have been seeing this for several days one of our forums still runs 1.14 due to some server issues i haven't been able to update it and another one I run got hit heavy what i did is to go to approve all new members for now until this can be resolved.

Dave

Deprecated

#118
November 11, 2008, 06:53:40 PM
I've spent most of the day working on this subject, and I have written a summary of the recommended methods of dealing with this problem:

Tidal wave of spambotbots attacks SMF 1.1.x - How to protect your forum

Throughout the day I've been discussing this with the SMF Team and we're closing this topic and requesting that everybody who still has issues should read the topic linked above, and then you can continue your discussion in that topic. :)

Again, the discussions have moved to the topic linked above. Thanks! :)
Print
Go Up Pages 1 ... 4 5 6
User actions
Advertisement: