
Massive Spam Attack Answered

I'm sure you've probably noticed or been informed but in case it slipped by there was a MASSIVE (~1000 posts) spam attack on the Answers forum. There's no way every post is going to get flagged so consider this a batch flagging.
Are there any security concerns related to this? There's always been spam on that forum but this doesn't seem like it could have been accomplished manually.

46 Replies

pseaton (author), 2015-06-17

We understand this is a problem, and four separate fixes have already been coded. Of those, two have been released. You're still seeing lots of spam, and while I understand this can be frustrating I hope that the main reason for the delay in the last fixes (which will actually slow down the spam) can be appreciated by this group.

Our highest priority is to protect Instructable and Collection spam, because this is how the great majority of people encounter Instructables. For this reason, we try to keep our filters tighter on Instructables and Collections than on questions and forum topics. In the answers section, spam is certainly very annoying but not quite as directly impactful to as many people.

So when we started seeing lots of spam in the answers section, you may be surprised to learn that the first thing we did was raise the bar on Instructable spam, even though we weren't seeing any. We had already implemented all of the solutions discussed here for Instructables, so to raise the bar there we had to get creative. That's been done, so now we're clear to raise it for answers as well.

I'm sorry we haven't been communicative about this, but since spam tends to be a game of whac-a-mole, it's generally best not to publish your playbook.

steveastrouk (author), replying to pseaton, 2015-06-17

Honesty, rather than "we're on top of it" is a much better policy, and saves you from derision.

pseaton (author), replying to steveastrouk, 2015-06-17

I've several times thought there's value to having some sort of format for regular updates and communication from the dev team. The many groups who have a stake in what we do have very different interactions with the site, though, so I haven't found a single format that makes sense to maintain for everyone. There are our own internal teams, the broader community of authors, advertisers, etc. I occasionally post to the forums, but for the most part I've found my posts here generate a lot of feedback we can't act on. It's not a sustainable habit.

When there's unusual ire, seamster draws us in for a direct comment

steveastrouk (author), replying to pseaton, 2015-06-17

Why seek a "single format", if it makes sense to communicate in different ways ?

Downunder35m (author), replying to pseaton, 2015-06-17

Thanks for an update with some information in it!
At least now we can understand it better.

seamster (author), 2015-06-16

Please rest assured that no one is asleep at the wheel! :)

The correct parties are aware and are continually working to keep the site spam-free.

steveastrouk (author), replying to seamster, 2015-06-17

If this is no one asleep at the wheel, heaven help us if they were.

Downunder35m (author), replying to seamster, 2015-06-16

If they need more than 2 weeks to fight the current form of spam attacks then something is wrong...
Solutions were named before, none is implemented so far.
So does "continually working" in this case mean they are still thinking there should be something done or is there actually something being done?

user

Soo sick of spam, I don't even bother flagging it any more. Just give some trusted members spam killing powers and be done with it.

steveastrouk (author), replying to seamster, 2015-06-16

That explains the complete absence of spam in the answers section.

Oh, wait.

user

Yeah. +1 Totally! Spamtastic! Spammerific! Spamtacular! Spamity spam spam spam, spam spam spam!

Downunder35m (author), 2015-06-17

Wait, just noticed we are actually closer to three weeks than 2 weeks.
Now imagine it would not just be bloody spam but something more serious.
No progress stated, no progress to be seen, seems the spammers found the perfect platform for their games.
Not much longer and no one likes to post anymore as it becomes impossible to filter through the spam....

steveastrouk (author), 2015-06-16

Beats me why it's even remotely hard to implement Unicode filtering.

Downunder35m (author), 2015-06-16

Don't want to be nagging but it is over two weeks now and no real progress to see on the spam attacks.
It would be really nice to have a useable website that is not flooded every hour.
Having the spam not show up when clicking on it is one thing but having it blocking entire forum sections is just bad.

Are there any updates on the progress?

ColleenM4 (author), 2015-06-11

OMG! My email has exploded with the same dang email ".'Luke Skywalker Lightsaber Prop Turned On A Lathe' and More Projects You'll Love" PLEASE FIX!! I can't block from my end - they keep coming.

bwrussell (author), replying to ColleenM4, 2015-06-11

You probably should open a new post for that issue since it's a different problem than this thread. That will get it attention faster.

pseaton (author), replying to bwrussell, 2015-06-11

Really sorry about that -- a server went crazy overnight, but we stopped it first thing when we walked in the door this morning. Please let me know if it continues; they should be done now.

We'll be in touch shortly about what happened to those who were affected; I'm really sorry about the terrible experience, but please know that no information has been leaked or compromised, and we're making sure it doesn't happen again.

Brooklyntonia (author), replying to ColleenM4, 2015-06-11

You should email service@instructables.com to get this addressed.

steveastrouk (author), 2015-06-10

....and they're baaaaack.

mpilchfamily (author), 2015-06-08

So many Q&A's are going unnoticed right now cause there are pages of spam. Need to ban these spammers and their IPs ASAP. I can't even open most of these at work to flag due to the characters. We need to be able to report the user and not just the thread as a spammer. Then the user profile and all their posts can be killed off.

user

I agree, whatever was done to stop the latest spam attacks is not working and ruining this site.
It is impossible to flag them all as it takes far too long for some staff member to act on it.
Often half a day is gone and the spammers keep spamming.

At least include a posting limit for new users set to 1 to prevent these massive amounts by single spammers.
But here they are now already a step ahead of you as there are endless new accounts with the same spam.

No (real) new user will mind to only be able to make a single posting per day, those trying to post more than 3 can be flagged by the system directly.

Or get more people active to act on the flagged and reported spam, can't be only a handful of people there to do it!?

user

And the spam is piling up like a mountain with no one stopping it....

user

It's certainly a huge attack and obviously all computer generated. They're getting in about 10 a minute, every minute.

user

That is exactly why I made the suggestions of posting limits for new users and to moderate everything containing more links and number than text.
I know there are new users every day registering but I doubt it is more than we see during these spam attacks.
So even moderating all new user posting would work to make the spam disappear in the forum sections.
I wonder how much longer and they start the same for all Instructables posted...
But the hours are counting as well as the new spam postings with no staff comment or someone stopping them :(

seamster (author), replying to Downunder35m, 2015-06-09

Good morning! :)

Your suggestions are right on the money, and various measures are in the process of being implemented. You should see the spam going away soon.

With this level of bot-created garbage, it's not even worth trying to flag though. We just have to ignore it for a bit, and let the devs do their thing.

kelseymh (author), replying to seamster, 2015-06-09

It keeps coming back :-( One obvious, and trivial filter, since the site already doesn't support it, is to simply trash any forum topic or Question which comes with Unicode in the title or URL. Don't let them into the data base. Don't let them become visible on the pages. As it is, the pages fill with them, but if you try to click through, you get the "403 Forbidden" error so we can't even flag them.

Kiteman (author), replying to seamster, 2015-06-09

It would be nice if somebody let the CT know what the "various measures" are going to be (since we're the ones most likely to be implementing them).

seamster (author), replying to Kiteman, 2015-06-09

The measures implemented to handle this sort of spam would actually be back-end, filtering type things.

Under typical circumstances though, flagging items of spamminess is incredibly useful, efficient, and highly appreciated! :)

Kiteman (author), replying to seamster, 2015-06-09

"Back end" = "weird stuff, in a strange language, that Kiteman breaks".

;-)

(Good to know it's being worked on, though.)

Kiteman (author), replying to Downunder35m, 2015-06-09

There are about 50-60 people capable of making normal postings go away instantly, but (for reasons I do not fully understand), the spam we get with non-Latin characters can only be opened by people with the very highest-level admin access, and there are only a handful of people up there.

gmoon (author), 2015-06-09

Maybe add a filter for ".com" in the thread title?

Jack A Lopez (author), 2015-06-08

Did anyone notice, the love problem specialist is back? Just like before, he or she dropped a few hundred solve-your-love-problem-spam-posts during the early hours of the morning, in my time zone.

That's more spam before 8 am, than most spammers upload all day!

bwrussell (author), replying to Jack A Lopez, 2015-06-08

At least with all the characters it's easy to see the real posts through the spam this time.

Seems like it might be high time for a Captcha system on new forum posts or at least on posts to the 'Answers' sub.

Jack A Lopez (author), replying to bwrussell, 2015-06-08

Yeah. I second that motion. If a Captcha system can slow the spammers down to human speed, then I think maybe the volunteer human spam-flaggers could keep up with them.

There might be other solutions too, like maybe a limit on the number of top-level posts per hour, for new users.

bwrussell (author), replying to Jack A Lopez, 2015-06-08

Previously I had thought the spam was human generated given its low frequency and relative readability but this recent stuff makes me think it's a bot-net of some sort similar to how spam emails are generated. A CAPTCHA would in theory eliminate all of this type of post, it's why it's very common to see them on forums around the tubes.

Limiting posts for new members could work but might just lead to spammers shifting their tactics and creating more accounts which I suspect is even more of a headache to deal with and remove. If you also forced those limited posts to be approved before going live it would clean it up for the end user but is definitely more back end work for some employee.

Perhaps using both in conjunction could limit both bot and human generated spam.


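The controls suggested across this thread (a posting limit for new accounts, holding link-heavy posts for moderation, rejecting non-ASCII or ".com" titles) combined into one pre-publication check. This is an added example, not Instructables' code or anything posted by the thread's participants; the `PostGate` name, the thresholds, the domain list and the seven-day "new account" window are assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# All thresholds and names below are assumptions made for this example.
NEW_ACCOUNT_AGE = timedelta(days=7)  # how long an account counts as "new"
DAILY_LIMIT = 1                      # posts per day allowed for new accounts
FLAG_AFTER = 3                       # more attempts than this flags the account
LINK_RE = re.compile(r"https?://\S+|\bwww\.\S+", re.I)
DOMAIN_RE = re.compile(r"\.(com|net|org|info)\b", re.I)


class PostGate:
    """Decides 'publish', 'hold' (moderation queue) or 'reject' before storage."""

    def __init__(self):
        self.attempts = defaultdict(list)  # user -> recent attempt timestamps
        self.flagged = set()               # accounts blocked for flooding

    def check(self, user, created, now, title, body):
        if user in self.flagged:
            return "reject", "account flagged"
        if now - created < NEW_ACCOUNT_AGE:
            # Count every attempt, including rejected ones, so a bot that
            # keeps submitting trips the flag quickly.
            day = [t for t in self.attempts[user] if now - t < timedelta(days=1)]
            day.append(now)
            self.attempts[user] = day
            if len(day) > FLAG_AFTER:
                self.flagged.add(user)
                return "reject", "account flagged"
            if len(day) > DAILY_LIMIT:
                return "reject", "new-user daily limit"
        if not title.isascii():
            # Only safe where the site cannot render such titles anyway.
            return "reject", "non-ASCII title"
        if DOMAIN_RE.search(title):
            return "hold", "domain in title"
        links = LINK_RE.findall(body)
        rest = LINK_RE.sub("", body)
        noise = sum(len(link) for link in links) + sum(c.isdigit() for c in rest)
        if noise > sum(c.isalpha() for c in rest):
            return "hold", "more links/numbers than text"
        return "publish", "ok"


if __name__ == "__main__":
    gate, now = PostGate(), datetime(2015, 6, 9, 8, 0)  # constructed sample
    for i in range(5):  # a one-hour-old account posting once a minute
        t = now + timedelta(minutes=i)
        print(gate.check("bot", now - timedelta(hours=1), t, "Hello", "Plain text"))
```

Running the check before the post is stored means rejected items never reach the listing pages, and the per-account flag gives moderators one account to act on rather than hundreds of threads.
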
bravoechonovember1 (author), 2015-05-30

The instructables spam fighting army seems to be doing a good job, only two left!

user

Indeed, looks much better now.
Thanks a bunch!
Please give some extra bananas to the code monkey to keep them happy.

Downunder35m (author), 2015-05-29

What do you expect if a spammer finds an easy target that stays that easy without ever changing?
Still begs the question what drives those idiots as neither their English skills, nor their posting skills would ever get someone's attention.
But since Instructables is a good friend with the Google search results a spam posting, combined with the fact that it usually takes quite long to remove spam, has a chance to even show up with a crappy Google search and points here.

Spam happened before and will happen again, no forum can totally avoid this.
But providing a platform that is perfect for spam attacks is not the smartest choice in today's times ;)
Flagging, reporting, deleting (after some time) is nowhere as good as preventing spam postings in the first place.
Still think using a long standing solution like vBulletin with spam filters known to work and much more options for structure and editing is smarter ;)

Kiteman (author), replying to Downunder35m, 2015-05-30

Most spam is prevented - there are active filters in place that catch far more than ever hits public view. When a way through is found and exploited like this, it's a short-term effect, because they tweak the filters on a regular basis to include different kinds of attack.

bravoechonovember1 (author), 2015-05-29

I wonder why they chose to spam instructables

user

A lack of upfront spam prevention. They probably spam a lot of places but Instructables does all their spam filtering after the fact so you see the results.
Every week or so a few spam messages will get posted to Answers but I've never seen a flood like this before.

Kiteman (author), replying to bwrussell, 2015-05-30

There is actually a very good set of filters (I've seen the proportion of caught spam vs what gets through). Unfortunately, when a chink is found in the armour, the spammers exploit it to the hilt.

Normally, those instances are only noticed by most people at weekends, when most paid staff are out of the office, but this attack was massive. I have no idea what they thought to achieve - as DU35M pointed out, there was no real way that their postings would be seen as anything *but* spam.

verence (author), 2015-05-29

True, so thousands of thousands times true!

Downunder35m (author), 2015-05-29

As I already did a posting here:
https://www.instructables.com/community/Spam-filter...
I suggest to stick to the above thread to make it a bit easier for the staff to reply.
Not sure if possible but maybe this one can be closed for posting with a re-director?
