cross-posted from: https://lemm.ee/post/177673

Cross posting this here for visibility since lemmy.ml federation has been very hit or miss the last week. Original post from @[email protected]

Today, a bunch of new instances appeared in the top of the user count list. It appears that these instances are all being bombarded by bot sign-ups.

For now, it seems that the bots are especially targeting instances that have:

  • Open sign-ups
  • No captcha
  • No e-mail verification

I have put together a spreadsheet of some of the most suspicious cases here.

If this is affecting you, I would highly recommend considering one of the following options:

  1. Close sign-ups entirely
  2. Only allow sign-ups with applications
  3. Enable e-mail verification + captcha for sign-ups

Additionally, I would recommend pre-emptively banning as many bot accounts as possible, before they start posting spam!

Please comment below if you have any questions or anything useful to add.

  • @[email protected]OP
    link
    fedilink
    English
    11 year ago

    You just described token gating, not multisig. Also you can do multisig without involving any money (or tokens)

    • @CinnerB
      link
      English
      11 year ago

      My comment says deleted by creator (I didn’t delete it) so I don’t remember exactly what I said, but the point is to temporarily (as long as the account exists) put money on the books, which can be taken if you spam but you can withdrawal it when you close your account if you don’t. There would need to be a trusted signing authority so instance admins couldn’t just take it.