Of the 87 servers we saw compromised in the recent #SpamWave - 68 have modified registration settings and deleted the accounts, 15 remain open, 4 are now offline.
Special thanks to @noahimesaka1873 @austin @gunchleoc and all the IFTAS Connect community members that helped gather info, communicate with the impacted servers, and keep our data up to the minute.
Today? New botnet creating accounts on your servers. See https://mastodon.iftas.org/@sw_isac/113283701270369397 - Connect members can track https://connect.iftas.org/forums/discussion/new-botnet-creating-accounts-on-multiple-servers/
=> More informations about this toot | More toots from jaz@mastodon.iftas.org
@jaz Thank you for organizing the tracker for this round 👏
=> More informations about this toot | More toots from gunchleoc@ailbhean.co-shaoghal.net
@gunchleoc I think it was far more efficient to focus on outreach to the ~90 impacted servers than trying to get thousands of servers to block them.
Last wave, FediCheck saw a number of compromised servers hit the denylist; this time only one made it on.
I believe that's thanks to the community putting in the hard work to get to the root of the problem, which happily means fewer servers blocked and needing to be remembered to be unblocked later, or left blocked forever...
=> More informations about this toot | More toots from jaz@mastodon.iftas.org This content has been proxied by September (3851b).Proxy Information
text/gemini