I think if Lemmy doesn’t have the infrastructure to defend against attacks like these which are presumptively conducted by one bad actor, then it doesn’t have the infrastructure to defend against wealthy organizations when our communities do get big enough to be noticed by them.
This community’s history underscores how the messaging system in particular needs a massive overhaul; using image recognition as a filter for messages like Lemmy.World does for image posts (with options for NSFW that isn’t NSFL?), preventing images (and URLs? or only allowing white-listed sites?) from being sent within the first message sent between users (unless a box is ticked?), not showing message recipients images until they are directly opened, and preventing the de-anonymizing of message recipients should be made first priority for the next patch.
I agree that it’s unclear if this newest bad actor sending the graphic image(s?) is that same one sending the vanilla images.
I think they should add a feature, that automatically notifies admins when a single account sends a bunch of messages in a short time (dor DMs, comments and posts) and maybe they should also get an instant temporary ban until the admins have evaluated the situation.
Yeah. IDK anything about the code behind lemmy but some kind of DM limiter or alert seems trivial.
Yes, I agree. The overhaul of the DM system is very urgently needed.
There is definitely a place for DMs on this site and I’ve made use of them several times for various needs. However, there are huge fundamental weaknesses in its current setup.
I think that we need to rethink how federation is done. Currently I can just spin up a server, federate with everyone and start sending spam DMs and do harmful stuff like vote manipulation on a mass scale. That won't scale at all when the bad actors come
Others have suggested that one should prevent images in messages altogether. Or at least if in the first message of an exchange. Or at least for new accounts or accounts without posts.
Coupling these ideas with federation, the following comes to mind:
-
Enable each instance to select from which other instances its users can receive messages with or without images.
-
Allow instance admins to set, individually for each instance they federate with, minimum requirements on accout age, number of posts, received upvotes etc., before (image) messages are accepted from an individual account. E.g. higher requirements if the account is on a poorly moderated instance. Or it has to have made at least one post or comment on the instance to whose user it wants to send a message.
In a different vein, which might be needed when Lemmy & other Fediverse services with private messages attract even more attention:
- A federated 'spam alert system', as in: Instances can broadcast how much spam (and what kind, and how old the sending accouts were) they have most recently received from specified other instances. Now if an account on instance A sends a message to a user on instance B, instance B can combine the recent ratings from instances C, D, E, F about instance A, in order to decide whether to accept this message (or whether to delay it and delete it if the sender gets blocked on its home instance in the meantime, or only show it to users who have ticked a box). Of course, if the admins of B think that instance E regularly trash-talks other instances or instance A specifically, then they can automatically exclude the scores sent by E from entering into the decision. Taking things further, the best would probably be a highly modular approach, where only the spam alert broadcasts follow a common protocol, but the decision system can be different for each instance.
Most of these suggestions could probably work for upvotes/downvotes as well (only that it's more difficult to identify accounts that only manipulate votes and do nothing else – so an even fancier version of 3., perhaps even with broadcasting spam scores about individual accounts, could be needed).
I think the following happened:
- The webcam of the laptop of some random girl got hacked and someone secretly took pictures
- Someone used those pictures for spam
- Someone made an edit with a dead body using a random image of the internet
I think the latest message is just from a random psycho that either wants attention or likes to see how people react.
I therefore suggest the following:
- Ruin their "fun" by locking the community, preventing people from making further comments and preventing any discussion about it (make sure to keep an informative post up that summarizes this to avoid discussion spilling to other communities)
- Contact instance admins to be on the lookout to ensure a swift removal, some might be able to help other admins with image filters.
I also think this is what happened, at least until somebody convinces me the dead person is the same person as "Nicole". I know they bore a passing resemblance, but to my eye they were different people.
It's not. It's from a gore website.
I believe it was a streamer?
Yes. This kind of things isn't new to the internet and it's always attention seeking
IMO it would be in good taste to remove the community's title image until more is known.
I guess that makes sense.
Do you think somebody should publicise the hash of the image? Since that'll perhaps make it easier for admins to remove without compromising any privacy
Do we know if anyone has tried a reverse image search? That might be one way to confirm that it's someone sending gore for shock value just to be an asshole.
I reverse image searched it and it's two years old.
Murdered woman on autopsy table CHINA Leaked footage from a Chinese morgue shows a woman who died after being attacked with a machete. The attacker stabbed her neck several times and almost cut off her ear. Other details are unknown.
Thank you for the update. That makes me feel more confident this is a copycat. They're an asshole either way.
Multiple people said they tried, but it didn't come back with anything useful. Just with more gore. Then again, it might be from a Tor website...
Thanks for the info. The whole thing is despicable.
Yikes, damn, it went in an awful direction very quickly... a very messed up situation, it's a good thing I didn't get those pictures, I'm very sensitive to that kind of thing. The jokes ended (as often happens) because of some sick bastard, and it looks like we may have been playing along with this bastard all along.
Just wanted to report that the latest Nicole spam I received 10 min ago is asking for crypto "donations".
So this may be finally the reason for the phishing, getting crypto donations from gullible people.
Looks like this:
https://i.imgur.com/....png (the usual stolen webcam shot and description)
Please donate to help me pay for next semester!
BTC: ...
LTC: ...
XMR: ...
By the way, has anyone contacted Imgur about this? I think they would take it pretty seriously.
It's clearly not the same as the gore spammer if real nicole spam is still happening
I got one just now as well. I suspect it might even be a different person using the Nicole spam as a cover?
Edit: does anyone know, are there any plans to allow users to disable DMs? It feels like it should be a basic privacy feature and would have stopped all this. Mastodon has the same issue (apparently there's an option to stop non followers DMing you, but I can't find it).
...i received the same message yesterday with a new image, so i suspect it's the original spammer finally firing his payload...
This was the username (already reported). The Nicole text was part of the image (green text on black) and the message body was the bitcoin IDs. I find targeting the Fediverse for this type of scam to be a bit pointless. I doubt there are many people on here who would fall for this sort of scam. The only advantage I can see to targeting the Fediverse is the inability to restrict private messages.
I got the message a few mins after logging on. Both times on Lemmy, I got the Nicole spam when online (I can't remember if that was the case on Mastodon). I don't know if that's coincidence.
...i've received nine nicole messages, each from different usernames, but the payload message was from goldeneyeitemis@lemmy.laitinlok.com...
I think the orginal spammer was a loser who got shunned by her, wanted his revenge and posted her pics and info all over to get revenge. (I also think it was the same person who got pissed at me and stalked me all over lemmy for several months, then started using spam bots to track and downvote my posts. As soon as someone mentioned he may have had ties to nicole spam, he deleted his account and disappeared.)
The new spammer is taking advantage and trying to get a payload. Because the whole vibe is different in the new ones.
What makes you think they're linked?
I wrote about it earlier in this same thread: https://lemmy.today/post/27138344/15514958
Basically, the guy who was stalking me had this obsessive, relentless vibe. He’d actually brag about using alt accounts to follow me so I wouldn’t know it was him, and even admitted to “poking” me just to try and make me "snap." Eventually, someone looked into his behavior and discovered he was using a spambot army to follow and mass-downvote me. During that investigation, someone noticed that the domain names tied to the bots matched the ones used in the infamous Nicole spam when it first started. His account also happened to be created right around the time that spam started.
As soon as that slight connection was made public, and after stalking me, trolling me, and downvoting me for months, he suddenly deleted his account (PapaSkwat@lemy.lol -- the account has been deleted, so I feel I can actually name it).
So maybe it’s just coincidence. But his obsessive behavior, his refusal to let anything go, and the way he bragged about using multiple accounts to bug me, and bragging about trying to run me off Lemmy, lines up exactly with the kind of person who might launch a spiteful spam campaign against the girl who is victim of the Nicole spam.
The timeline, the tools he used, and the general attitude; it all fits. Then again, there are plenty of unstable people online, so who really knows. Just my take.
Wow, you're the only person I've heard being targeted by the same person. What'd you do to piss them off?
I posted news articles from conservative sources to conservative communities. lol
He was so mad about it, he'd follow me to non-political communities just to mention it, then would downvote. Then he ramped up his campaign and started using the spambots.
For example, in a Positivity community, I posted a short post about my scooting on a nice day, "Great day for a simple scoot." He unleashed the bot on it and it has 60 downvotes. https://lemmy.today/post/27013791
Notice that after he got called out and deleted his acount, now my posts there eventurally get up to the regular-ish 5 upvotes that those sort of posts typically get. (They always start out early with a "0" though, because there is still another person that downvotes all my posts. But that person doesn't unleash bots on me, so all good) positivity@lemmy.today
In the middle of his hate campaign against me, I actually asked him why didn't he just block me or the 3 conservative communities I posted to. And he said that he wanted to keep bugging me to make sure that I left Lemmy.
It was weird. I never even thought of leaving Lemmy, so not that big of a deal to me. But it's super fascinating to me that there are people out there who actively want to hate and be unhappy. So strange. Lemmy is just an online forum, no idea why so many take it so seriously.
Obviously me being a conservative on Lemmy means I get plenty of downvotes and spite. I'm fine with that. It's expected. After ragging on me a few times, most get bored and realize that I'm not going anywhere, so they just block me and/or conservative communities.
But that dude was on a whole 'nother level. LMAO
Again, I don't know for sure he was the same guy who's behind the Nicole campaign, just that the timing and his behavior totally lines up with it all. Just my personal theory and I have no solid proof at all.
hate campaign
You're blameless and think other people take Lemmy too seriously?
Apparently others thought it was the posters fault too and realized that he was bad enough to cause defederation: https://sh.itjust.works/post/35952149
As per that thread: "The targeted accounts are all outspoken users with very similar political opinions. I assume whoever is running the downvote accounts doesn’t like their politics."
I'm sure the poster is probably already back under an alt. Probably started another account 4 or 5 days ago. Guess he better cut back on the Nicole spam and downvote bots this time though. :)
Well this got real accusatory too quick for my blood. Good luck with your hate campaign or whatever.
I have no hate campaign, as I have no hate towards anyone. I didn't start the investigations into spambots or defed issues.
But I def hope they find the loser Nicole spammer guy. Incels like that need to be banned and dealt with accordingly because it's unhealthy for awesome places like Lemmy.
I only posted conservative articles to conservative communities though, so he had no reason to be so weird about it.
He was obsessive and stalked me, and used a freakin' bot army to follow me and downvote me. That's too far, and it's weird behavior. He probably also did it to other people he didn't like. That fits with the M.O. of the original Nicole spammer: a loser who can't accept rejection.
This thread isn't about me. It's about Nicole spam. I gave my feedback and theories about who it might be and why I thought that. That's it.
I would like to thank the instance admins dealing with this. I haven't seen any apart from the initial wave.
The way lemmy is designed this will just happen again and again.
We don't need messaging features, it shouldn't be possible to DM users
There has to be a solution. Love it or hate it, DMs, I feel, are a necessary for social networking apps. I don't want to have to download another app if I want to send a direct message to someone on here.
I'm sure there's a good reason why it's difficult to implement but I'm surprised there's no rate limiter on DMs.
I haven't checked to see if Lemmy has equivalents to subs like random acts of pizza, but it might interfere with helpful bots? Just a guess though.
And moderation purposes
Reddit just turned off their DMs
They were mostly used by pedos, I imagine the anonymous discreet nature of this space also attracts those crowds.
Why are you spreading misinformation?
The very thread you linked is them explaining their upgrades to the direct messaging service.
What upgrades? They're telling you to just use the shitty chat feature
DMs, chat, whatever. The point is that you can directly message a user in a way that other users can't see it.
Nice sockpuppet, enjoy your report
Not sure what I expected from someone self described as "angry".
My first blocked user on Lemmy, lmao.
Nice sockpuppet, enjoy your report
Yikes, you're such a douchebag.
Yes, it's medical
Sorry, the semantics of reddit politics aren't very important to me. Point is they aren't getting rid of direct messages.
The semantics of reddit politics is why you created the comments in this chain lmao
Just like when you catch a cat doing something stupid and it furiously grooms itself to pretend nothing happened...
Reddit just turned off their DMs
Even if it's true, who cares? Reddit is a shithole, we don't need to repeat their shitty actions.
They were mostly used by pedos
A very trustworthy statement, yeah...
We don’t need messaging features, it shouldn’t be possible to DM users
Еh? Messaging is great, what are you talking about? 🤨 Sometimes you want to message a person personally, it would be very stupid to throw away the DM feature, in my opinion.
At least you don't have to have three page long threads. And if you don't understand the context or want a help with something, then use DMs.
Thank you. That was an absolutely awful way to start my day. Glad to see it's being taken seriously
In my case, it's a awful way to end the day.
Yikes, the fun is over now. This has escalated too much.
Has anyone been getting "regular" Nicole spam since the gore picture event? If so, do they resemble the old style of spam in terms of content and instance it's sent from?
yes, someone did: https://fedia.io/m/meta@quokk.au/t/2038892
More indication then that the gore spammer was a secondary actor.
Thank you. This is a smart move.
I enjoyed it while it was enjoyable.
I just received a DM from a new account following the same pattern as the gore spam, 2+ year old account and the image link named after my username. This time it was a red anime picture saying "Do you like insanity?". Same person as the second actor?
Got that dm as well. They are posting the dead nicole image. I reverse image searched it and it's from a gore website.
It's description is
Murdered woman on autopsy table CHINA Leaked footage from a Chinese morgue shows a woman who died after being attacked with a machete. The attacker stabbed her neck several times and almost cut off her ear. Other details are unknown.
Caution, full link has a dead body
It has a pastebin link
Pgp public key
`-----BEGIN PGP PUBLIC KEY BLOCK-----
mDMEZ/ltsRYJKwYBBAHaRw8BAQdAirxngMSSqXGY0goRu5FeYPoSz6lGJPloz47n AKE4LIC0FUx1Y3kgPGx1Y3lAbHVjeS5sdWN5PoiTBBMWCgA7FiEEJmm9ee5H8hQN ujkVxRtYJXxnnZQFAmf5bbECGwMFCwkIBwICIgIGFQoJCAsCBBYCAwECHgcCF4AA CgkQxRtYJXxnnZRMdAD/ZTLsn1ece6qnGdNXodRdo9Eow4gOYbxq4AC8i4aaZZUB APOWxTjeK+YTsJu8Si3yEFrA7D6iCMnNS4yu0Kh4JrsGuDgEZ/ltsRIKKwYBBAGX VQEFAQEHQET+MYK1cO9X2eH5jPx5bKyjgY+NCJ7gCBHntxyATBA8AwEIB4h4BBgW CgAgFiEEJmm9ee5H8hQNujkVxRtYJXxnnZQFAmf5bbECGwwACgkQxRtYJXxnnZTw IgEAzjCEEcCnezg291terQ7/2nDar50S2UM+MHVJvllMqp0A/3oOmeKLPwZY9fwh oev5mxZRkrxq4Ori1i+bqhOh45sN =BA26 -----END PGP PUBLIC KEY BLOCK-----`
Key's registered owner
I looked it up, and the other pictures on that site show the woman's face in it's entirety up close. It definitely isn't Nicole.
Same account that just messaged me.
I just got the same shit. And I'm guessing the previous two DMs were also the same. I didn't realize that the links were to something other than my profile.
It looks like they're now posting the 1st gore image directly to communities everywhere.
The end of an era
So I may have a distant and weird connection to the originator of the Nicole spam. No proof, but here's my case.
I had this weird stalker on Lemmy—PapaSkwat@lemy.lol (account’s deleted now, so I think it’s fine to name him). Someone else did some digging and found out he was using a bot army to follow me around and downvote my posts.
While people were investigating that, they noticed something strange: the domains used by his bots matched the original Nicole spam domains.
Then, right after that investigation thread dropped, PapaSkwat suddenly deleted his profile. The same profile that had been active since around the time the Nicole spam started. And he’d been trolling and stalking me for months. One of his comments even admitted he was deliberately poking me to make me "snap.”
There’s this theory that the whole Nicole spam thing might’ve started as revenge. Like, maybe some guy got dumped or rejected, got obsessed, and started blasting her pics everywhere because he couldn’t let it go.
That kinda lines up with my stalker’s behavior. He’d get mad, obsessive, and go out of his way to tell people how awful I was. He even bragged about using alt accounts just to mess with me.
It was bizarre.
So here’s the chain: weird stalker gets outed for running downvote bots → bots are tied to Nicole spam domains → stalker suddenly vanishes → and now Nicole is “dead” (not for real, but metaphorically, like the spam just ends).
Maybe the guy realized the jig was up and decided to kill off the whole Nicole thing too?
I have no clue, no proof other that people's assumptions. It just seems a strange coincidence that my weird stalker guy disappears right after rumblings come up of him being involved in Nicole spam. Then right after he disappears, this dead nicole spam comes up.
Here’s the bot investigation post (2 Instances are being used for coordinated vote manipulation, and should be defederated. chinese.lol lemmy.doesnotexist.club): https://hackertalks.com/post/8713785
And here's a screenshot where he brags to someone about trying to make me "snap" and another where he brags to me directly about having alt names to stalk me too:
I sincerely doubt this has anything to do with you at all, and the only link is that those instances seem to have absentee admins who aren't taking action to ban users. Which is attractive to both spammers and botters.
So here’s the chain: weird stalker gets outed for running downvote bots → bots are tied to Nicole spam domains → stalker suddenly vanishes → and now Nicole is “dead” (not for real, but metaphorically, like the spam just ends).
Maybe the guy realized the jig was up and decided to kill off the whole Nicole thing too?
No. That is in fact not the chain of events as both regular "Nicole" spam and the gore spam (and now the anime picture spam) have continued well past your "stalker" got banned. In fact, both types of spam seem to still be ongoing.
Regular "Nicole" spam and the gore/anime spam have also occurred (and is still occurring) in parallel, with culprits using different origin instances.
Everything suggests this is (at least) two different, separate actors.
I didn't mean to imply that it had anything to do with me in that sense. Just that maybe the same guy who stalked me on here could be the same person behind the Nicole spam.
The creepy vibes I had from him also seemed to match up for the kind of person who would do the Nicole spam--someone who takes the smallest slight and blows it up and goes for revenge and just doesn't stop. Goes to the trouble of setting up and using bots to downvote my every post. Alt names just to follow me and give me shit and downvote. Took glee in taunting that I'd snap and quit Lemmy--which he also mentioned several times.
Definitely the same kind of guy who would take offense when some random girl doesn't give him attention, so he captures pics of her and spams all of Lemmy to creep her out and make her look bad.
But there are lots of weirdos like that in the world I guess.
(Special shout-out to the Lemmy's who supported his harassment of me though. That kind of toxic behavior doesn't help Lemmy.)
This might actually be a very good hint on who the spammer is. Thank you a lot for sharing.
Is it? Aren't both regular Nicole spam and the potential "second actor" spam still ongoing?
I do believe those instances were chosen for the same reason though, as they seem to have absentee admins who aren't banning spammers and botters.
Isn’t this what they would want?
Maybe - but I, and a big part of the members of this community don't see how this should continue otherwise
Assuming the content people are receiving is legal why can't an uncensored version be posted (with a nsfw tag obviously)?
It certainly isn't legal. You can't get consent from a dead person.
What did I miss? The real Nicole is dead and nudes of her were posted?
A new image has been sent to people, depicting what appears to be a battered and deceased woman, topless. It is unclear whether it is the same person as the one in the Nicole spam. It doesn't immediately and obviously look like the same person, but it's also not obvious that it isn't her. The damage makes it a bit hard to tell.
Thanks for explaining. Good on the mods for closing the community. Some people are disgusting.
A picture of a partially naked dead body was posted with the normal text below. It's most likely an unrelated edit with a picture taken from the internet made by some moron who thought it was funny.
This being legal is VERY unlikely. Besides, it's best to not spread this image, for obvious reasons.