Smith Micro Forums under attack?



  • The system they are using appears to be automated.
    It changes ip ranges, etc. Just about every attack.

    Changes are being weighed and once approved we can go from there.
    We don't want to do changes that affect the people here, and at the same time don't want to do something that wont actually help.

    It happens at every forum, and yes it is a pain in the butt to deal with.



  • Yes, there's been an influx of spam at RDNA since there's no one checking the forums. Luckily they've only been posting in the Newsletter Archive forum, so far, so they're not getting in the way of regular forum threads.



  • We are thinking about making email validation mandatory in order to create new posts.
    Also, we've detected multiple fake accounts, non-related to these attacks.
    This change would apply retroactively to every account found in the system, thus solving the problem with accounts using fake emails for both existing users and newly registered ones.



  • I see three more posts this morning. Man, those spambots are getting good! They can validate email addresses now. :)



  • The attacker must be following forum activity on daily basis, re-configuring bots in hours following security changes, and is both ready and willing to invest a lot of energy and personal time only to be annoying, for whatever reason known to him.

    Not sure what else besides disabling registration would help.



  • The funny thing is:
    Attacks are made using automatically generated Microsoft outlook.com email accounts, which leads me into believing that outlook.com is also vulnerable to bot exploits.
    ...well, it's either that or someone is really bored and keeps making accounts manually on MS outlook.com



  • I'm starting to think we are dealing with ManBearBot = half man, half bear and half bot :)



  • @admin

    Would be cool to calm down that kind of... man with some honey ;-)