Here you can see 2 day old post warning about the danger of not using email/captcha verification: https://lemmy.ml/post/1345031
And here are stats of lemmy platform where it shows that we gained 200 000 lemmy users in 2 days: https://lemmy.fediverse.observer/dailystats
Another tracking site with the same explosion in users: https://the-federation.info/platform/73
What do you think? Is it some sort of a bug or do people run bot farms?
Edit2: It’s been now 3 days and we went from 150 000 user accounts 3 days ago to 700 000 user accounts today making it 550 000+ bot accounts and counting. Almost 80% accounts on lemmy are now bots and it may end up being an very serious issue for lemmy platform once they become active.
Edit3: It’s now 4th day of the attack and the amount of accounts on lemmy has almost reached 1 200 000. Almost 90% of total userbase are now bots.
Edit 3.1: my numbers are outdated, there are currently 1 700 000 accounts which makes it even worse: https://fedidb.org/software/lemmy
I’ve yet to see any of them start posting. On my instance none of them could pass email validation because the emails were fake. I imagine this is true for many instances with a ton of bot sign-ups.
I think just reporting sign-ups as “users” is misleading. The user count on lemmy should reflect only approved/activated accounts, imo.
Another problem is right now the only way to clean them up is to access the database directly, there are no user management tools in the application. I think that’s a skill you should have if you want to run an instance successfully, but I can imagine some may be able to follow the setup, particularly the ansible setup, but be at a loss for how to properly manage it once set up.
The other day when I was filtering by all my front page for absolutely FLOODED with posts that were more or less the same and we’re instantaneous across multiple communities. Not sure if they were all removed or blocked relatively quickly but I had to disable the all filter because it was so many I couldn’t click anything with how fast it auto refreshes.
So they’re definitely on here doing shit. Not to be a doomsayer, but with Meta wanting to take over the fediverse, don’t be surprised if part of their strategy is to flood other instances with bots to the point that they’re unusable. Sure it will get patched eventually but they know how to take over competing platforms. They’re already working on their next tactic for when the bot brigade that stops being effective.
This is tangentially related, but I just had a burst of bot sign-ups. Captcha did nothing by itself, so applications are back on.