Important - spam attack

Good morning, everyone -

I’m writing to let you know that we are aware of the spam attacks over the last couple of days. Last night, after I went to bed (believe it or not, it happens), we got hit most severely. I’m in the process of cleaning it up (all 33 pages or so). Our spam filters are usually sufficient to ward off incursions such as these. Please know we’re working on stopping it, so we can get back to our regularly scheduled programming.



Thank you, Carolyn.
As always, your efforts are appreciated.

I am doing this manually, so it’s going to take some time. I’m blocking by IP where possible, but I have to ban piece by piece. I am really careful about watching the site, and, plainly speaking, I feel terrible about it. Please bear with us and I’ll get it fixed as soon as I can.

Blocking it MANUALLY may never work. If this is coming from more then one IP address then they have their own server farm (either real or virtual) and can create THOUSANDS of IP addresses.

Yes, I know. The deletion alone is very labor intensive. I’ve passed it on to both Vanilla and to the Car Talk brain trust to try to stem the flood.

These appear to be entered manually, judging by the frequency and the variation in the message. That makes if much more difficult to block. You may have to block any post with Korean characters in it.

I just noticed a post NOT from bamwar5, someone different, but still korean. So the word is getting around…


now down to 7 pages of spam, from 33 pages.

Please do NOT feel “terrible about it”. You did NOT do it! On he contrary, you’re the one who prevents it from happening more often and has to clean it up when is does happen.

The little fat guy from N. Korea DID promise a cyber attack… I guess this is the best they can do… thank God!

OK, since you didn’t order Korean spam for breakfast, I’ll substitute donuts instead:

I’ll keep an eye on it and try to catch any new accounts that are created while we wait for some sort of higher-level fix. Thanks again for your patience, all.

I feel terrible about it.

Don’t. Spammers are very clever. They will find a way around just about any anti-spam measures you put in place. I have excellent spam filters on my private forum, yet one day at work one of my users emailed me and asked “what’s with all the horse porn?” They’d gotten through somehow and it took hours to clean up their mess. So… It could be considerably worse. :wink:

I ended up making a newly registered user profile which all new signups are assigned to. They can only see one forum, called “spam trap.” They can post there to their hearts’ content, which fools spam bots into thinking they’ve accomplished their mission, except that normal users can’t see the spam trap forum at all.

There’s a sticky announcement in the spam trap telling actual humans to PM an admin to get verified and be released to the real forum.

Unfortunately, that scheme would probably be a bit labor intensive for you guys. My forum is small and new user signups are relatively rare.

Drupal noted a similar attack. The robot? adapts, but they noted they were all gmail accounts.

Thanks for your effort. Man the 33 pages must have happened during sleep time. I like donuts too and love America and Americans. Just got back from the dentist though and he says knock off the donuts.

I hate SPAM…unless it’s the canned variety from Hormel. Thanks for the donuts…I just made the pic my screensaver.

FYI…I had to shrink the pic to make it a screensaver. Anything over 1MB can affect your computer’s performance…even new computers with tons of memory. I have 8 GB of physical memory and the original pic (2MB) affected my computer until I used MS Paint to resize to 1MB. All is well now.

I often wonder what these spammers hope to gain by this type of attack.

The spam is in Korean, for a service in Korea, this is an English Language site, primary U.S. There is no connection.

And, the spam repeated over 600 times with lots of variations. Even if there were someone here interested, why would they want to read the same thing 600 times?

When I was on Yahoo Answers, we got mostly asian spam also, all in a foreign language, many hundreds every day. Over and over and over again…


I’m guessing these attacks are automated, so they just send it out to any place that they find. And once they find one, watch out!

didn’t look automated to me, from the irregular timing, and the text changing on every post. I think they use cheap labor to do this manually.

Oh, you’d be surprised at how ‘intelligent’ the automated spammers are these days. I bet there’s software out there to modify posts to prevent simple corrective actions, just as happened here.

Its almost all automated. Otherwise my spamtrap trick would not work, as a human would see through it right away. Bots are still dumb, fortunately. For now…

I noticed that each new account created three threads each, and for each new IP address three accounts were created. Then whatever bot came up with a new IP and kept creating new accounts. Now it looks like the bot went to sleep, but I don’t want to jinx it. :wink:

The really stupid thing about such bot schemes is that the only thing they do is irritate people. No one is going to look at the spam here and say “Gee, I think I’ll spend money there now that it’s made my favorite forum unreadable.”

If the spammers were smart they’d work advertisements in subtly, like a hint of Borden’s cream in a cup of fine coffee.