Whenever I see a run of spam posts on the fediverse, I’ve taken to looking at the usernames behind them. Nine times out of ten, they turn out to be from kbin instances. Here’s a recent example:

https://kbin.social/u/valige

As I write this, that account shows 8 identical scam posts made within 7 minutes of each other, and nothing else. (I imagine they might be removed by the time you read this.) This is pretty common in my experience. These particular posts are all to kbin magazines, not lemmy communities, but I don’t remember whether that’s always the case.

Since the main kbin instance is not the only one broadcasting this stuff, I wonder if there’s something about the kbin software that makes it attractive to spammers. Does anyone know?


Edit: Some examples that are still cached on my instance:

https://lemmy.ca/u/valige@kbin.social
https://lemmy.ca/u/NITIN-Hardiya279@kbin.social
https://lemmy.ca/u/ishadeshpande@kbin.social
https://lemmy.ca/u/varshareddy21@kbin.melroy.org
https://lemmy.ca/u/Satish-Kumar843@kbin.social
https://lemmy.ca/u/sareena@kbin.social
https://lemmy.ca/u/SidAvasthi@kbin.social

  • Pamasich@kbin.social
    link
    fedilink
    arrow-up
    2
    ·
    edit-2
    1 year ago

    kbin.social’s admin (and kbin currently only supports one admin per instance) is also the main dev.

    As I understand it, the sudden unexpected popularity of kbin caused infrastructure issues and made fixing bugs and limitations more important, while he still has to reach his feature goals to secure funding so he can actually continue working on kbin full-time. Additionally, real life had a lot of negative surprises in store he had to deal with.

    All in all, he hasn’t had much time at all to properly moderate the instance, And the past two weeks he’s been gone entirely for real life reasons, leaving the instance unmoderated.

    It’s not an issue with the software itself, just with kbin.social (and of course other badly moderated instances) specifically.

    • example@reddthat.com
      link
      fedilink
      arrow-up
      1
      ·
      1 year ago

      that’s not entirely accurate.

      the main problem for non-kbin users, as @ono@lemmy.ca is using lemmy, is that kbin moderation actions, such as a moderator or admin removing spam will not federate to lemmy, as this is not implemented yet.
      for a lemmy user, it appears that kbin doesn’t have any moderation at all, while spam is being removed for kbin(.social) users at least.

      for this reason, several lemmy instances have already either defederated from kbin or removed kbin communities from their instance.

    • ono@lemmy.caOP
      link
      fedilink
      English
      arrow-up
      1
      ·
      edit-2
      1 year ago

      just with kbin.social (and of course other badly moderated instances) specifically.

      Yes, there’s clearly a moderation problem, but it’s not just kbin.social.

      To rephrase the question: why is it that practically all the insufficiently moderated sites are kbin instances?

      kbin currently only supports one admin per instance

      An overwhelmed admin could partially explain why a lot of spam comes from a particular instance. But it wouldn’t explain why most of the small instances generating spam have chosen kbin instead of lemmy.

  • SharkAttak@kbin.social
    link
    fedilink
    arrow-up
    1
    ·
    1 year ago

    It’s also probably cause spammers don’t get (or care) federation at all. So in their mind gotta spam on kbin–>account on kbin.

  • FiveMacs@lemmy.ca
    link
    fedilink
    arrow-up
    1
    ·
    1 year ago

    Totally were removed. I reported every single one of them then blocked them.

    Was that the same douche that attempted the amazon gift card trash on infosec?

    • ono@lemmy.caOP
      link
      fedilink
      English
      arrow-up
      1
      ·
      edit-2
      1 year ago

      Yes, it was. I’ve added a link to my local instance’s copy, for reference.