Here you can see 2 day old post warning about the danger of not using email/captcha verification: https://lemmy.ml/post/1345031

And here are stats of lemmy platform where it shows that we gained 200 000 lemmy users in 2 days: https://lemmy.fediverse.observer/dailystats

Another tracking site with the same explosion in users: https://the-federation.info/platform/73

What do you think? Is it some sort of a bug or do people run bot farms?

Edit2: It’s been now 3 days and we went from 150 000 user accounts 3 days ago to 700 000 user accounts today making it 550 000+ bot accounts and counting. Almost 80% accounts on lemmy are now bots and it may end up being an very serious issue for lemmy platform once they become active.

Edit3: It’s now 4th day of the attack and the amount of accounts on lemmy has almost reached 1 200 000. Almost 90% of total userbase are now bots.

Edit 3.1: my numbers are outdated, there are currently 1 700 000 accounts which makes it even worse: https://fedidb.org/software/lemmy

  • Flicsmo@rammy.site
    link
    fedilink
    English
    arrow-up
    17
    ·
    1 year ago

    That’s worrying. Though at least it seems they’re mostly confined to a few particular instances. Defederating is a great tool that will definitely mitigate the worst of it, but at the same time this is uncharted water - there’s no real way of knowing what exactly will happen in a large scale attack.

    Just creating accounts isn’t an attack, but it’s going to suck when there actually is one. I wonder if they’ll try to be subtle and use AI or recycled content, or if they’ll just use the accounts for spam or DDoS?

    • Mechanize@feddit.it
      link
      fedilink
      English
      arrow-up
      23
      arrow-down
      1
      ·
      1 year ago

      Probably they are getting ready for some vote manipulation and astroturfing for the long run.
      You know, in case Lemmy and the Fediverse really get mainstream enough to move the public opinion in some way.

      Having a thousand accounts that can upvote a seemingly innocent post made by an active and “real” account is always useful.

      • Flicsmo@rammy.site
        link
        fedilink
        English
        arrow-up
        12
        ·
        1 year ago

        Yeah good point. I think these particular bot instances are being way too obvious to do any major damage - not when it’s as simple as it is to defederate them - but what’ll happen when it’s not 100k bots on one instance, but 1000 instances with 100 bots apiece?

        Let’s hope Lemmy gets the tools needed to deal with this. I wonder how Mastodon does it? They’ve been around a while, I’m sure they’ve had similar issues.

      • socsa@lemmy.ml
        link
        fedilink
        arrow-up
        3
        ·
        1 year ago

        These things are always going to be an issue on Lemmy though. Alt detection will basically be impossible.

  • OpenStars@kbin.social
    link
    fedilink
    arrow-up
    16
    ·
    1 year ago

    Test: if it says “hey guys, remember how great Reddit was, we should totally go back!?” - then it’s a bot:-P.

    • Martineski@lemmy.fmhy.mlOP
      link
      fedilink
      English
      arrow-up
      21
      ·
      edit-2
      1 year ago

      When reddit migration begun we saw a huge bump in users and it was steadly stabilising and less users were joing, then this huge bump happened. You can go browse lemmy instances and see how many instances are ghost instances with 0 posts and comments that have tens of thousands of users.

      • HTTP_404_NotFound@lemmyonline.com
        link
        fedilink
        English
        arrow-up
        10
        arrow-down
        1
        ·
        1 year ago

        Do also note- instances with little activity aren’t that unusual though-

        My instance for example- I don’t really have any communities here, other then a few local to my server. As such, its activity… is pretty low. Everything happens elsewhere.

      • sleepyducky@lemm.ee
        link
        fedilink
        English
        arrow-up
        4
        ·
        1 year ago

        There a new influx in the user migration as well, as some subreddits started pinning lemmy and kbin.social instances on their subs. Also if you go on protest subreddits (such as ModCoord and Save3rdPartyApps) almost every post has a thread/comment redirecting people to the fediverse.

        • eric5949@lemmy.world
          link
          fedilink
          English
          arrow-up
          1
          ·
          1 year ago

          I love how beehaw defederated lemmy.world because too many people signed up but a bot instance with almost 50k users is fine. Sorry if I come across as harsh but I just increasingly see that instance as a complete joke.

      • Gatsby@lemm.ee
        link
        fedilink
        arrow-up
        1
        ·
        1 year ago

        Are you referring to a separate thread I commented on yesterday with a totally separate user where I said “Nazi punks fuck off?”

        If you took offense to that brother I’m sorry I stand by my words. Even moreso today, even.

        What I’m curious in is why you commented on an unrelated comment in a different thread, with either a secondary account or you weren’t connected to it at all?

  • soft_frog@kbin.social
    link
    fedilink
    arrow-up
    9
    ·
    1 year ago

    I work in tech, this wouldn’t surprise me.

    Where there are eyeballs there is spam. People even put spam in the Google Analytics referral field and that’s only ever going to get seen by the site owner.

    It really says nothing about the health of the ecosystem, if it’s moderated and not filling the frontpage it’s only an issue for the server admins.

    I’ve fought spammers and one alone could create these numbers in a day.

  • Badass_panda@lemmy.world
    link
    fedilink
    English
    arrow-up
    10
    arrow-down
    1
    ·
    edit-2
    1 year ago

    Where are you getting that 90% figure? I’m seeing stratospherically higher activity than I was a week ago, I’m willing to buy half to 2/3 of those accounts being a combination of alt accounts, duplicate accounts (e.g., people moving off beehaw) and bot accounts, but 90% bots sounds implausible.

    Nobody is making 1.6 million bots to target 100,000 users.

    • Martineski@lemmy.fmhy.mlOP
      link
      fedilink
      English
      arrow-up
      2
      ·
      1 year ago

      The platform has no measures against farming bots that’s why the number of bots is this stupid high, it’s very easy to do at the moment.

      • Badass_panda@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        arrow-down
        1
        ·
        1 year ago

        But everyone’s evidence that it’s happening a lot is that there are lots of new users, and that it’d be easy to make it happen.

        That’s conjecture, not evidence.

  • Hawne@kbin.social
    link
    fedilink
    arrow-up
    7
    ·
    1 year ago

    Devs will have some hard weeks (probably months) facing the new challenges that come with the exodus. Not even mentioning all the work needed to counteract eventual (probable) malevolent subterfuges such as these bot swarms.
    I’ll make sure to buy them some coffee. Jugs of.