Mastodon got targeted by spam attacks coordinated on Discord
Recent cyber attacks show that decentralized platforms have various vulnerabilities
2 min. read
Published on
Read our disclosure page to find out how can you help Windows Report sustain the editorial team. Read more
Mastodon and other social networks are having trouble dealing with spam attacks from hackers. In addition, they are using Discord to coordinate their attacks.
However, it seems like Discord is not taking any actions. Furthermore, the platform did not remove the server in which the hackers coordinated. Thus, the social networks leader think that Discord might not be ready to deal with such issues.
Who targeted Mastodon with spam attacks?
Some reports on Mastodon claim that the hackers were some angry teenagers from Japan. The whole problem started as a conflict in which one of the teenagers wanted to cyberbully the other by using spam bots.
Unfortunately, the attack is not the only problem. After all, it shows that there are various vulnerabilities hackers can exploit. Also, it shows that cybersecurity is no longer just an option, especially for decentralized social networks. After all, they allow us to control our data, move between servers, and create our own.
On the other hand, Discord does nothing to stop threat actors from coordinating spam attacks on Mastodon or other platforms. Moreover, Emelia Smith, a software engineer of the Fediverse, tried to contact Discord on their official channels. However, she got some generic messages back.
According to Eugen Rochko, the spam attacks targeted small servers on Mastodon. On top of that, these servers don’t have any registration requirements, and experts don’t have the right tools to deal with them. Moreover, the Mastodon team can’t deal with the servers they don’t own. As a result, admins could face unexpected bills since their servers increased in size.
Ultimately, this incident shows many vulnerabilities regarding decentralized social networks. Furthermore, it puts Discord in a bad light since the company doesn’t put an end to malicious servers. So, the best way to stay protected is to create servers with registration requirements. On top of that, this problem shows the importance of implementing cybersecurity methods to protect yourself.
If you want to find more about this, check Kevin Beaumont’s post. In addition, you can also read the whole timeline of events.
What are your thoughts? Are you using decentralized platforms? Let us know in the comments.
User forum
0 messages