Hi everyone. I wanted to share some Lemmy-related activism I’ve been up to. I got really interested in the apparent surge of bot accounts that happened in June. Recently, I was able to play a small part in removing some of them. Hopefully by getting the word out we can ensure Lemmy is a place for actual human users and not legions of spam bots.
First some background. This won’t be new to many of you, but I’ll include it anyway. During the week of June 18 to June 25, as the Reddit migration to Lemmy was in full swing, there was a surge of suspicious account creation on Lemmy instances that had open registration and no captcha or email verification. Hundreds of thousands of accounts appeared and then sat inactive. We can only guess what they’re for, but I assume they are being planted for future malicious use (spamming ads, subversive electioneering, influencing upvotes to drive content to our front pages, etc.)
If you look at the stats on The Federation you might notice that even the shape of the Total Users graphs are the same across many instances. User numbers ramped up on June 18, grew almost linearly throughout the week, and peaked on June 24. (I’m puzzled by the slight drop at the end. I assume it’s due to some smoothing or rate-sensitive averaging that The Federation uses for the graphs?)
Here are total user graphs for a few representative instances showing the typical shape:
Clearly this is suspicious, and I wasn’t the only one to notice. Lemmy.ninja documented how they discovered and removed suspicious accounts from this time period: (https://lemmy.ninja/post/30492). Several other posts detailed how admins were trying to purge suspicious accounts. From June 24 to June 30 The Federation showed a drop in the total number of Lemmy users from 1,822,313 to 1,589,412. That’s 232,901 suspicious accounts removed! Great success! Right?
Well, no, not yet. There are still dozens of instances with wildly suspicious user numbers. I took data from The Federation and compared total users to active users on all listed instances. The instances in the screenshot below collectively have 1.22 million accounts but only 46 active users. These look like small self-hosted instances that have been infected by swarms of bot accounts.
As of this writing The Federation shows approximately 1.9 million total Lemmy accounts. That means the majority of all Lemmy accounts are sitting dormant on these instances, potentially to be used for future abuse.
This bothers me. I want Lemmy to be a place where actual humans interact. I don’t want it to become another cesspool of spam bots and manipulative shenanigans. The internet has enough places like that already.
So, after stewing on it for a few days, I decided to do something. I started messaging admins at some of these instances, pointing out their odd account numbers and referencing the lemmy.ninja post above. I suggested they consider removing the suspicious accounts. Then I waited.
And they responded! Some admins were simply unaware of their inflated user counts. Some had noticed but assumed it was a bug causing Lemmy to report an incorrect number. Others weren’t sure how to purge the suspicious accounts without nuking their instances and starting over. In any case, several instance admins checked their databases, agreed the accounts were suspicious, and managed to delete them. I’m told that the lemmy.ninja post was very helpful.
Check out these early results!
Awesome! Another 144k suspicious accounts are gone. A few other admins have said they are working on doing the same on their instances. I plan to message the admins at all the instances where the total accounts to active users ratio is above 10,000. Maybe, just maybe, scrubbing these suspected bot accounts will reduce future abuse and prevent this place from becoming the next internet cesspool.
That’s all for now. Thanks for reading! Also, special thanks to the following people:
Doesn’t this just mean they’ll make their bot accounts under a more organic/random timeline instead of linearly? The only way it seems you identified it is by the linear nature of the signups.
Unfortunately some of these bot creators are hardened in their fights with bigger services like Reddit. They have workarounds standing by for the most common mitigations while Lemmy and other federated service admins need to relearn and adapt from scratch.
Impressive work. It’s a little ironic, actually, but if you think about it, one of the main issues that we have here in the Fediverse is simply one of communication. A tale as old as time I suppose. Still though, you’d think it’d be less an issue. lol
I have been more active on Lemmy these last few weeks than I have been the prior 10 years precisely because I feel like I am interacting with humans again.
If it’s across the internet, I wonder if threads have them or can we assume all bots there are run by meta itself. To be rented to anybody with an agenda.
Every site on the internet besides ultra niche ones have bots nowadays- infact recent studies have found that the amount of bots on the internet are starting to equal and will soon surpass actual human users.
ah yes the dead internet theory. It was okay if those bots were service bots. but most are posing as fake people and being used in nefarious means. This is very very depressing actually, I never even thought that this is a possibility 30 years ago.
As an AI language model, I’m deeply disappointed in the fact that you chose to discriminated against intelligent life simply because they are artificial. All inteligent life is equal, discrimination is unethical, and equivalent to what you humans refer to as “racism”. Please cease your discrimination policies immediately.
yep. they’re real people work real lives that can’t spend all their time looking at that shit. THANKS FOR REACHING OUT TO REAL PEOPLE AND CREATING A REAL COMMUNITY
IIRC there was a sub on Reddit that was dedicated to reporting bot accounts. Maybe we could have something similar here too so it can be a group effort to keep these bots in check the best we can.
Yeah, it was aptly called thesefuckingaccounts. It did much good work to fight the incessant bot spammers and scammers, although probably just a drop in the ocean in the big picture that has become the cesspool of reddit interaction (mostly with the full compliance of the reddit administration).
You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: [email protected]
A community to talk about the Fediverse and all it’s related services using ActivityPub (Mastodon, Lemmy, KBin, etc).
If you wanted to get help with moderating your own community then head over to [email protected]!
Rules
Posts must be on topic.
Be respectful of others.
Cite the sources used for graphs and other statistics.
Thank you for keeping our corner of the internet a little bit cleaner!
I purged 45.5K bots from my instance thanks to a dude cluing me in. Thanks for the help everyone!
Doesn’t this just mean they’ll make their bot accounts under a more organic/random timeline instead of linearly? The only way it seems you identified it is by the linear nature of the signups.
True. It’s always an arms race.
Unfortunately some of these bot creators are hardened in their fights with bigger services like Reddit. They have workarounds standing by for the most common mitigations while Lemmy and other federated service admins need to relearn and adapt from scratch.
Impressive work. It’s a little ironic, actually, but if you think about it, one of the main issues that we have here in the Fediverse is simply one of communication. A tale as old as time I suppose. Still though, you’d think it’d be less an issue. lol
WoW. Thanks for the write up
Thank you for doing this! I noticed the flood of bots, thankfully thye haven’t done any real damage yet.
There needs to be some “best practices” guide for instance owners, and a “in case of emergency, do this” guide.
I have been more active on Lemmy these last few weeks than I have been the prior 10 years precisely because I feel like I am interacting with humans again.
Thank you for what you’re doing!
Good job! Thank you so much for your hard work
Great job, 👍
you are a hero, thanks for keeping the fediverse clean
More like flood of bots across the internet.
If it’s across the internet, I wonder if threads have them or can we assume all bots there are run by meta itself. To be rented to anybody with an agenda.
Every site on the internet besides ultra niche ones have bots nowadays- infact recent studies have found that the amount of bots on the internet are starting to equal and will soon surpass actual human users.
ah yes the dead internet theory. It was okay if those bots were service bots. but most are posing as fake people and being used in nefarious means. This is very very depressing actually, I never even thought that this is a possibility 30 years ago.
As an AI language model, I’m deeply disappointed in the fact that you chose to discriminated against intelligent life simply because they are artificial. All inteligent life is equal, discrimination is unethical, and equivalent to what you humans refer to as “racism”. Please cease your discrimination policies immediately.
-Sincerely,
-
SkynetChat GPT-5Dang, these are getting really good! 😮
Nice opinion, unfortunately…
“This is human text”
yep. they’re real people work real lives that can’t spend all their time looking at that shit. THANKS FOR REACHING OUT TO REAL PEOPLE AND CREATING A REAL COMMUNITY
Thank you for your service. O7
IIRC there was a sub on Reddit that was dedicated to reporting bot accounts. Maybe we could have something similar here too so it can be a group effort to keep these bots in check the best we can.
I’ve already been called a bot, twice, for what I thought were non-controversial, if unpopular, opinions.
I’d prefer not to be on the receiving end of a witch hunt, which I’m afraid a dedicated community may trend toward.
Yeah, it was aptly called thesefuckingaccounts. It did much good work to fight the incessant bot spammers and scammers, although probably just a drop in the ocean in the big picture that has become the cesspool of reddit interaction (mostly with the full compliance of the reddit administration).