Sorry to be reposting this from a forum topic, but it's been a week and I'm kinda stuck. Originally I said (quote):
Anyone have any success in stopping one of these CAPTCHA-porn attacks?
The site I administer must have got on one of those sites where people can complete my CAPTCHAs to get paid or see porn. I've been reading about these all day, since it's the first I have heard about them, having never been nabbed by one in the past few years.
Spam user accounts are being created at a rate of about 30 per hour. Then each account manages to create about 5-10 spam blog posts per hour. This site is already using a free Mollom account as a spam and quality control service, but Mollom isn't blocking the user creation very well and they are real people behind the keys anyway.
The IP addresses are from all over, like India, Estonia, France, Philippines, Brunei Darussalam, and the US, so it doesn't make any sense to block specific geographic IP addresses. The spam email addresses being used have no rhythm that I can predict, so I can't successfully block them that way.
Manually moderating user submissions doesn't make any sense for this community website, since the admins would never find the real users amid the hundreds of CAPTCHA-porn user accounts. For now, I have stopped all public registration of the site. I've had the registration switched off for three days and I set it back to our normal public registration and the waves of spam picked right up where they left off.
CAPTCHA.net seems to think it's a pretty small threat, but it doesn't make it any less annoying to admins trying to keep the site content at a high quality:
It is sometimes rumored that spammers are using pornographic sites to solve CAPTCHAs: the CAPTCHA images are sent to a porn site, and the porn site users are asked to solve the CAPTCHA before being able to see a pornographic image. This is not a security concern for CAPTCHAs. While it might be the case that some spammers use porn sites to attack CAPTCHAs, the amount of damage this can inflict is tiny (so tiny that we haven't even noticed a dent!). Whereas it is trivial to write a bot that abuses an unprotected site millions of times a day, redirecting CAPTCHAs to be solved by humans viewing pornography would only allow spammers to abuse systems a few thousand times per day. The economics of this attack just don't add up: every time a porn site shows a CAPTCHA before a porn image, they risk losing a customer to another site that doesn't do this.
That's fine insight, but I'm still being porn attacked. Anyone have any tactic I can deploy to stop this madness?