this post was submitted on 20 Jun 2023
6 points (100.0% liked)

Fediverse

17734 readers
35 users here now

A community dedicated to fediverse news and discussion.

Fediverse is a portmanteau of "federation" and "universe".

Getting started on Fediverse;

founded 5 years ago
MODERATORS
deadsuperhero@lemmy.ml
wakest@lemmy.ml
6
Trackers like Lemmyverse.net and Fediverse Explorer are incentivizing instance owners to inflate numbers with bots (lemmy.world)
submitted 1 year ago* (last edited 1 year ago) by AlmightySnoo@lemmy.world to c/fediverse@lemmy.ml
2 comments fedilink hide all child comments
 

The vast majority of the instances in that screenshot have known jumps from 1~50 users to tens of thousands in less than a day. These instances also happen to not require a captcha on sign up.

It may very well be that instance owners are innocent as some have really been victims of bot attacks and simply forgot that you could enable captchas for sign-ups, nevertheless I think instance directories like Lemmyverse.net should start disincentivizing anyone from inflating his own instance with tens of thousands of bots in order to get on top of those "leaderboards".

top 2 comments
sorted by: hot top controversial new old
[โ€“] poVoq 2 points 1 year ago

That's certainly another theory why these bot accounts don't actually seem to do anything (so far). But it doesn't fit to the picture that lots of naive instance admins seem to ask for help against this.

I am starting to think that it is either some test run or a greyhat that wants to force instance admins to improve registration security before actual bad actors exploit them.

[โ€“] rysiek@szmer.info 1 points 1 year ago

The vast majority of the instances in that screenshot have known jumps from 1~50 users to tens of thousands in less than a day. T

I think that's taking it too far and jumping to conclusions. I cannot think of a single instance of an instance admin inflating their numbers with bot accounts or in any other artificial way, and I've been on fedi before it was called fedi.

This is almost certainly external bad actors taking advantage of captcha-less open signups.