docc Posted January 25, 2023 Posted January 25, 2023 edit: While I typed that last post, another account was created and posted the same spam message in Technical Topics seven times. 1
Speedfrog Posted January 25, 2023 Posted January 25, 2023 Many thanks to docc and Jaap for fending off the Attack of the Bots and keeping this forum safe and secure... 6 2 1
audiomick Posted January 25, 2023 Posted January 25, 2023 52 minutes ago, docc said: ... the same spam message in Technical Topics seven times. Someone told me, my brother I think, why they do that. It seems so senseless on the face of it. The point is, when a link is posted somewhere on the net, it gets found by search machines and various bots. It doesn't have to be there long. The point is as many repeats as possible in different spots. Apparently that improves the chances of the link being shown higher up in the list of hits in a search engine. 2 1
Chuck Posted January 25, 2023 Posted January 25, 2023 I just made a donation to Jaap. Docc.. I'll buy you a beer or two if we meet up again. Thanks for the work you guys do. 5 2
docc Posted January 25, 2023 Posted January 25, 2023 Thanks for all the encouragement. Certainly, this is an annoyance, but still no indication of any kind of data breach. This thread is being actively monitored, so post your concerns here. The member input has been a critical part of assessing the situation. 2 4
docc Posted January 25, 2023 Posted January 25, 2023 2 hours ago, audiomick said: Someone told me, my brother I think, why they do that. It seems so senseless on the face of it. The point is, when a link is posted somewhere on the net, it gets found by search machines and various bots. It doesn't have to be there long. The point is as many repeats as possible in different spots. Apparently that improves the chances of the link being shown higher up in the list of hits in a search engine. Thanks for that explanation, @audiomick. That helps make sense of the tactics. And confirms they are not targeting us, just using our domain (along with many, many others) to flood the search engines. 2
docc Posted January 26, 2023 Posted January 26, 2023 4 hours ago, audiomick said: Someone told me, my brother I think, why they do that. It seems so senseless on the face of it. The point is, when a link is posted somewhere on the net, it gets found by search machines and various bots. It doesn't have to be there long. The point is as many repeats as possible in different spots. Apparently that improves the chances of the link being shown higher up in the list of hits in a search engine. Any ideas as to how long? Minutes, hours, days? If I had a Deputy Moderator on the other side of the International Date Line, we could give them a triple-whammy! 1
Joe Posted January 26, 2023 Posted January 26, 2023 11 hours ago, docc said: Any ideas as to how long? Minutes, hours, days? If I had a Deputy Moderator on the other side of the International Date Line, we could give them a triple-whammy! Docc, can you remind/update everyone how to give money to the forum? 1
p6x Posted January 26, 2023 Posted January 26, 2023 49 minutes ago, Joe said: Docc, can you remind/update everyone how to give money to the forum? There is a donate button right up at the top of the page, in the red marquee. 1 1
Joe Posted January 26, 2023 Posted January 26, 2023 8 minutes ago, p6x said: There is a donate button right up at the top of the page, in the red marquee. Just donated thanks for the heads up. 1 1
Admin Jaap Posted January 26, 2023 Posted January 26, 2023 20 hours ago, Speedfrog said: Many thanks to docc and Jaap for fending off the Attack of the Bots and keeping this forum safe and secure... 'The Attack of the Bots' Sounds like a bad 50's sci-fi movie 3 1 1
4corsa Posted January 26, 2023 Posted January 26, 2023 I just donated as well.Thanks to JAAP, Docc, and all who make this, by far, the best bike-specific blog I've ever had the pleasure of being a part of!Sent from my SM-S901U using Tapatalk 3 2
footgoose Posted January 26, 2023 Author Posted January 26, 2023 3 hours ago, 4corsa said: I just donated as well. Thanks to JAAP, Docc, and all who make this, by far, the best bike-specific blog I've ever had the pleasure of being a part of! Well said. Me Too! Thanks guys 1 1
audiomick Posted January 26, 2023 Posted January 26, 2023 21 hours ago, docc said: Any ideas as to how long? Minutes, hours, days? No, but I dare say it is a matter of minutes. I spoke to a colleague today about what is happening here. His knowledge of such things is self-taught, but he is one of those geeks that really gets into that stuff. I dare say he is mostly right in his assessment. He said the following is probably what is happening: (I'll try and keep it simple but accurate...) There are people who spend their time looking for weaknesses that can be exploited in the operating systems of all sorts of devices. That might mean the sort of pc that one has at home, but also might mean a fridge or a television or anything that has an internet connection when it is switched on. These devices are all, to some extent, a computer, and can be used to perform tasks that they were not intended for. So, these nasty pricks find devices they can exploit, and programm bots to go looking for them on the net. The bot finds the things, exploits the weakness, and plants a script on them that gives the nasty prick access to the device. When the nasty prick has a collection of obedient devices together, he uses them to build a "bot net". These bot nets can be hired in the nastier corners of the internet, and programmed to do stuff. That means, as far as I understand it, using the acquired access to the devices to plant a further script to do something. For instance, to register a user account on a forum. My brother ( I mentioned him further up...) spoke of this as well. In his opinion, the bots create the accounts, and a real person posts the spam. My collegue reckons bots can do the spam posts as well. Doesn't matter, the point is the access to the forum. By the by, the owners of the links that are being posted might not even know that their "publicity agent" is doing that sort of stuff. They may have hired someone to do "internet publicity" and not know (or not care) how it is being done. Anyway, what has probably happened is that one of the nasty pricks has figured out the answer to the trick question for creating an account on this forum, and fed his bots with it. The "bot net" theory explains why it is lots of different IPs registering the spam accounts. For Jaap and the rest of those responsible for the forum, according to my colleague (and it seems to me to be the case) the only solution is to make it harder and/or less attractive for the forum to be targetted. That can include: Changing the "trick question", maybe regularly. Adding a another trick question (if the forum software allows this) Adding a CAPTCHA procedure to the registration procedure (probably the most effective measure, but dependant on whether the forum software provides for that) https://en.wikipedia.org/wiki/CAPTCHA Possibly making the forum inaccessible to guests. Out of all of that, as docc has already written, the whole thing has nothing to do with a data breach here or a direct attack on the forum or anything like that. We've just become victims of nasty pricks who are exploiting the internet for devious gains. Bastards.... 1 4
docc Posted January 27, 2023 Posted January 27, 2023 I tried telling them if they didn't straighten up, I'd be sending the Big Brass Lady to spank their bacon slicer. They were undeterred. Apparently, this threat only gives Guzzisti pause . . . 1 3
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now