jascha
2479739594ed5802a96703e5a870b515d986982474a71feae180e8ecffa302c6
Run Relayable.org #nostr relay Bitcoin Class of 2009 🧑 Founder of @npub1tpy5sj0wc4txn8fdx02y7lrq33yxmwcrupfgw9jxzunmf9ypfhhs837gzc Cybersecurity pro with head in Clouds. By day I also build massively scalable and redundant data center/cloud architectures ⚡🫂💜 9367 9961 90C9 B785 889D 276E A61B 8390 B08D CD40

Also check out Room 104. Season 2 Episode 2, "Mr. Mulvahill", is genius.

8 since some episodes left me disappointed. But others are brilliant.

Been playing whack-a-mole all day. 👾🔨🕳️

Thanks to nostr:npub1t0nyg64g5vwprva52wlcmt7fkdr07v5dr7s35raq9g0xgc0k4xcsedjgqv for the Onyx builds, it's my go-to for getting spam info on mobile. 🤙💜

When I want to see a more raw relay feed.

Documenting all the TTPs (Tactics, Techniques & Procedures) for spammers and bots I come across to share with relay operators. Data sharing is gonna be key to prevention. Assuming it's purely up to the client is not sustainable long term. #nostr #relay #relays

Replying to jascha

Yesterday and overnight I've seen a few variations on the spam attacks. With nostr:npub16fcy8ynknssdv7s487nh4p2h4vr3aun64lpfea45d7h4sts9jheqevshgh noticed some Chinese language posts mentioning using Relayable relays. Not long after saw our US relay getting an influx of Chinese language posts and spam from Chinese IPs. Which is odd since someone in mainland China would be directed by our latency-based DNS routing to our Singapore relay.

These spam posts are much more evasive than others using short or long strings. Seems to be affecting a lot of relays. We have blocked IPs and found sources of a lot of the spam. The previous spam over the weekend was tracked to US and Spain IPs. Adding more policies to thwart these types of attacks. If you run a relay feel free to DM me for the IP list. 🤙🫂

Examples:

Another is the "cat hugger"

Example:

Replying to jascha

Another version of spam I'm seeing is spam complaining about spam (inception spam?). The irony is not lost on me. 🤣

Both. I was purposely baiting the bots overnight to get them to reveal IPs and tactics. The Chinese spam I started to get seemed more organized and focused after the influx of real Chinese users. So in my fiat life this alludes to something usually more sinister. Still digging into it but some source IPs are Chinese govt potentially.

Replying to jascha

One interesting behavior is that if you tag it as spam in Amethyst, after a few minutes you get another random account replying to that. It seems to have a purposeful delay to (I assume) avoid rate-limiting.

Example:

Proof of Steak 🥩

#foodstr

Doing some key cutting practice to keep the skills sharp. #keystr #redteam