[SPAM] Where does bot spam come from? [INQUIRY] [NET DETECTIVE] (19)

1 Name: Anonymous Addict : 2021-01-07 20:09 ID:A2XHXRdb

I once uploaded Kareha onto a server I was running from home, purely just to test the software and study the code. I didn't advertise the board to anybody, and only made three test threads. Amazingly, after having forgotten about the board, and coming back a year later, I found it full of spam and links.

Everybody knows about textboard spam, wakaba's /soc/ board was removed after being spammed to oblivion, the site that wrote the original gazouBBS (futaba's sourcecode) script's demonstration boards were also full of spam comments written in English, so on, we've all seen it.

Where is it actually coming from though? Has anybody ever gone down the rabbithole of internet spam and bots? How do they find no-name sites that nobody visits? What is their end goal? Who actually runs these bots? Is anybody even running these bots or have they been on autopilot for decades? Is there a network of spammers? What is your experience with spam?

Within the past three years or so, "scambaiting" has become a popular genre of youtube and twitch content, with people investigating tech support scammers and robotcallers and whatnot, but I feel like nobody really cares about the rabbithole of people spamming on websites, when it is just as vast and fascinating.

2 Name: Anonymous Addict : 2021-01-07 23:49 ID:uoRGEjrM

I find it hard to imagine an actual SEA sweatshop specialized on finding unused or unmoderated textboard installations... I'm guessing it's the occasional worker stumbling across a board and dumping all of his scheduled content there. Finding them is probably easy enough, just search for "kareha.pl".

It would be interesting to compare IPs and other patterns, but I'm doubt any active admins keep records of deleted herbal remedy links, and in the case of boards filled with spam there's probably some reason for the admin to be completely absent.

3 Name: Anonymous Addict : 2021-01-17 11:41 ID:+CPx5YYQ

I more wonder how often boards get hit with it out of malice, like how arisuchan was hit with a CP bomb that made the admins give up, rather than just being caught in an automated thing.

4 Name: Anonymous Addict : 2021-01-18 06:09 ID:Yt3C/El8

Rumor has it the occasional CP ad threads that have been popping up on niche IBs lately are manual rather than automated.

5 Name: Anonymous Addict : 2021-01-18 12:41 ID:A2XHXRdb

Just recently 7clams was hit with a cp bomb. relatively obscure hidden board that was run on the domain that 7chan hosts a lot of static files from. Was up for over 10 years before the bomb. Sad.

6 Name: Anonymous Addict : 2021-02-23 21:02 ID:/nXkVKbk

It feels like running your own anonymous imageboard or even textboard is just too risky these days thanks to the CP bombers, and there's not much point in running one when people are just going to use the big 2 imageboards anyways. It's a shame people just give up, I miss small cozy imageboards like shanachan so much.

7 Name: Anonymous Addict : 2021-02-26 07:59 ID:GG2qyXl0

it is absolutely possible to have a textboard without worrying about those things
there are HUNDREDS of abandoned japashit textboards with no cp of any kind, all you need to do is put some ngword/filters to stop those fags

8 Name: Anonymous Addict : 2021-02-26 08:20 ID:/mvml0vi

Or if you're a moderator checking the site more than once a week, leg alone a goddamn year.

9 Name: Anonymous Addict : 2021-03-09 11:58 ID:kTIDk2bz

It's so weird. For fun, I made it so that if you try to visit my IP address directly (instead of going to a vhost) you get a form that sends me an e-mail. A few days after I put it on, I started getting daily mails just saying "0x[]=androxgh0st". What does it mean?!

10 Name: Anonymous Addict : 2021-03-14 12:24 ID:7n0ZhPLW

Here's a fun exercise: pick a random old post, ideally one distinctive enough that you won't find much similar elsewhere, and google it. Then, go to the very last few pages of results. If you picked your phrase well, you will find a bunch of automatically-generated websites with random urls and content composed of low-res memes from decades ago, what might be CP, and pages upon pages of mangled stolen posts from various boards.
Maybe it's some elaborate way of getting money from ad revenue, but I don't understand how. No one will be visiting a url that looks like it came out of Satan's anus. There's definitely some elaborate money-making scheme tied up in there somewhere.

As for the spam that imageboards/textboards get, is it possible that the spambots used also operate on other types of boards as well? Maybe some relatively common spambot software package comes with built in support for various bits of imageboard software. I'd imagine that the spambot's authors implemented support for spamming Wakaba and Kareha boards back when there were far more around. Interested spammers continue to pay for use of said spambot services and they coincidentally end up including imageboards as a target. I expect that good spambot software is intelligent enough these days to automatically detect what is a forum it can post on.

I've always suspected that the CP ad spam could be federal agents trying to bait paedophiles into revealing themselves. That, or some pissed-off imageboard admins trying to get competitors shut down. Or maybe the links go to malware downloads that some skiddie is using to build up his cryptocurrency mining botnet. Probably all three, really.

11 Name: 408 - Name Request Timeout : 2021-03-14 19:21 ID:A2XHXRdb

You mean stuff like this? https://g-runth.com/x8kb46/what-does-based-mean-4chan-d8410b

The internet is a strange place.

This part of the internet is incredibly strange to me and I wish I understood what was happening here.

12 Name: 401 - Unauthorized Name : 2021-03-14 20:59 ID:y5h+X+yg

Oh yeah, it cracks me up whenever some retard YouTube video essayist actually cities "the POW Forums" or some similar site. Its probably just a way to farm e-mail addresses.

13 Name: 422 - Unprocessable Name : 2021-04-03 07:12 ID:oC0VaLyy

goat scrote

14 Name: 422 - Unprocessable Name : 2021-04-05 21:54 ID:Heaven

do you think the guy who posted this feels embarrassed

15 Name: 401 - Unauthorized Name : 2021-04-06 08:04 ID:Heaven

nvm, adblock hid the links on desktop. so probably not.

16 Name: 415 - Unsupported Name Type : 2022-04-02 20:30 ID:1w8wfsMe

This is why running a textboard is far better compared to an imageboard, no images = no illegal content. Obviously you still get pieces of shit who advertise links, but I can imagine is less of a headache for sysadmins to deal with.

17 Name: 403 - Name Forbidden : 2022-04-04 06:49 ID:WvCuu334

This all sounds a lot like that Dead Internet Theory thing.

18 Name: 408 - Name Request Timeout : 2022-05-26 19:32 ID:RZyrtCr5

hell, I administrate multiple websites and that "real rap ed woman" spam (which has been going on for a long while now) is getting out of hand in the last few days. I don't even know what is it's goal, but all files it links to are being hosted on different premium file hosts (meaning you need to pay the file host some money to download). Truly getting sick of it.
One more thing, it's man-made. I confirmed this multiple times by watching its patterns (e.g. posting in an existing thread to see which part of his message is being blocked by the regex filter i implemented, making a word play on the blocked part etc)

19 Name: 403 - Name Forbidden : 2022-05-26 21:26 ID:Heaven

rap ed (rap education)

Leave these fields empty (spam trap):
More options...