Incident: kuroneko discord spam bots

Latest updates regarding the aforementioned incident.

Starting on the 16th of February, a wave of spambots hit a number of instances with new user registrations and constant spam posts. Luckily, we were active at the time they started joining our instance and measures were taken to minimise their effect.

While their posts were predominately in Japanese (due to the origin of the instigator), the bots do seem to mention random users.

We didn't seem to be terribly impacted by the bots on other instances, and they have been unable to register accounts on our instance due to steps we took from the outset.

Our initial stance was not to take any action on any instance due to the spam at the time and allow their own moderation team time to get a grip of things. Unfortunately, it became apparent that there is a fair number of instances that aren't as actively attended to and are in a sort of zombie state.

Therefore, due to the spam from those instances (113 in total) becoming problematic, we have taken (hopefully temporary) action against them.

The instances with a spam problem (as at the last review) that are subject to federation restrictions are as follows:

Instances (temporarily) limited:
archaeology.social               -- Offline
besties.com                      -- v4.1.5, Offline
bondsdogs.com                    -- Offline
cherryberry.pink                 -- v4.0.2, Offline
cmm.fyi                          -- v4.0.2, Unable To Verify
cunnyborea.top                   -- Offline
devsrv.farhan.codes              -- Offline
digitaldata.social               -- v4.1.4, Offline
edusocial.it                     -- v4.0.2, Offline
fusionpros.social                -- v4.1.2, Offline
games.retrotalk.live             -- Offline
game-tecx.de                     -- v4.1.0, Offline
i.transmit.love                  -- v4.2.1
kernkraft.social                 -- v4.1.4, Offline
kokuusa.club                     -- v4.0.2, Offline
mastadon.astuto.cc               -- Offline
mastodon.integrata-stiftung.de   -- v4.1.2
mastodon.io.seg.br               -- v4.2.1
mastodon.snmsoc.org
mastodon.thedirtydis.co          -- Offline
nasface.cz                       -- v4.0.2
neuroscience-mastodon.com        -- v4.1.4, Offline
niederbayern.social              -- v4.2.5
onion.social                     -- Offline
onlybsds.com                     -- Offline
parkfans.network                 -- v4.1.6
s-h.social                       -- v4.2.3
scfzfilm.org                     -- v4.1.4, Offline
sensitive.hostdon.ne.jp
smooth.guru                      -- v4.1.6
social.consoledated.com          -- Offline
social.cutefunny.net             -- Offline
tech.retrotalk.live              -- Offline
thoughtful.social 

The others are on patched versions (4.0.15, 4.1.15 or 4.2.7)

Total Instances: 34

We will endeavour to periodically review these and remove the limitations as soon as it's apparent that they have a handle on things going forward.


The following are instances that we have reviewed that don't seem to have any more spam posts residing on them. However, we have kept the restrictions as they are running a version that lacks the recent security patches and may be a vehicle for future attacks.

Instances still limited (not running latest security patches):
9kb.me                           -- v4.0.0
aether.run                       -- v4.1.0
america.social                   -- v4.1.0
closednetwork.social             -- v4.1.4
cryptodon.lol                    -- v4.1.6
don.neet.co.jp                   -- v4.2.1
electroverse.tech                -- v4.1.9
ellis.social                     -- v4.1.5
folksocial.org                   -- v4.1.4
forum-lucifer.com                -- v4.1.7
freesocial.co                    -- v4.1.9
library.love                     -- v4.1.9
m.corduba.tech                   -- v4.0.2
mastodon.conquestuniverse.com    -- v4.0.2
mastodon.svgun.ru                -- v4.2.3
mastodon.zorqz.com               -- v4.2.0
mastodon-ero.xyz                 -- v4.1.4
molaguay.xyz                     -- v4.0.2
social.tcpcat.net                -- v4.1.4
teamhydra.social                 -- v4.1.4
thewiring.com                    -- v4.2.1
toot.poedelwitz.de               -- v4.0.2
waterlily.tokyo                  -- v4.0.2

Latest patched versions are: 4.0.15, 4.1.15 & 4.2.7

Total Instances: 23

The instances listed below have cleaned up the spam and are no longer subject to any restrictions. Therefore, we are happy to re-federate with them.

Instances no longer limited:

Total Instances: 56


Sorry for any inconvenience this may have caused. We hope that it hasn't swayed you away from our instance or from the fediverse as a whole.