A recent spam attack on Bluesky shows that even decentralized social networks can be hit by spam sent by botnets. Earlier this month, Bluesky’s network saw a lot of posts that said “remember to always vote Trump.” These posts came from users with random names and default avatars.
The spam didn’t originate on Bluesky, though. Instead, it went through Mastodon and Nostr, two other autonomous networks, on its way to Bluesky. To do this, the botnet used “bridges,” which are paths that were built between networks so that they could work together.
The spam attack happened on May 11, but a review by a data scientist just came out a few days ago, which brought more attention to the event. The blog Conspirador Norteño says that the accounts that sent spam to Bluesky were made using the Nostr social networking protocol.
Apps like Damus, Nostur, Nos, and others are built on the Nostr protocol. It is also the network of choice for Jack Dorsey, co-founder and former CEO of Twitter, because it is so popular with Bitcoin users. On the other hand, Dorsey had backed the project at Twitter that turned into Bluesky, a decentralized social networking company. He used to be on the board, but he quit because he thinks the Bluesky team is making the same mistakes that were made at Twitter. These days, Dorsey often interacts on Nostr, which he thinks is a more open system.
Nostr and platforms like Mastodon and Bluesky are all autonomous networks, but they don’t talk to each other. This may seem strange. Mastodon uses the ActivityPub protocol, which is now being used by Meta in Instagram Threads and by Flipboard, an open-source alternative to Substack, and other apps and services.
Bridges are being built so that posts can go from one network to another. Some people who use autonomous social networks already disagree on this. Different groups have different ideas about how the bridges should be built, and some people question whether bridges should even exist.
The second group could now use the recent event to show how bad bridges can be, since the botnet cleverly used them to spam another network.
According to the analysis of the attack, the Nostr spam first went to Mastodon through the Momostr.pink bridge. After that, a different bridge named Bridgy Fed relayed the posts from Mastodon to Bluesky.
“The account names in the Bluesky versions of the posts have the format npub.momostr.pink.ap.brid.gy, which is a sign of this process,” wrote conspirator0@newsie.social on Substack. “The first part of this, from npub to the first dot, is the Nostr account’s public key. The rest, from momostr.pink.ap.brid.gy, shows some tools that were used to connect the posts (Momostr and Bridgy Fed).”
The botnet was able to keep sending “vote Trump” spam until Bluesky shut down the spam accounts. Bluesky started removing accounts while the data was still being collected, so the dataset that was analyzed is incomplete. But based on what was found, it looks like at least 228 users were able to post 470 times in just six hours. A little more than half of the posts said “Vote Trump,” and the other half said “hello world” with an unknown word in between.
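A defender-side sketch of how the handle format and the six-hour burst described above could be checked over collected posts. This is an added example, not code from the analysis or from any of the bridges; the key pattern, the thresholds, the helper names and the sample posts are assumptions constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Handle shape quoted in the article: <npub key>.momostr.pink.ap.brid.gy
BRIDGED = re.compile(r"^(?P<npub>npub1[0-9a-z]+)\.(?P<chain>momostr\.pink\.ap\.brid\.gy)$")

def parse_handle(handle):
    """Return (nostr_pubkey, bridge_chain) for a double-bridged handle, else None."""
    m = BRIDGED.match(handle.lower().lstrip("@"))
    return (m["npub"], m["chain"]) if m else None

def flag_bursts(posts, window=timedelta(hours=6), min_accounts=3):
    """Map each normalized text to the peak number of distinct bridged keys
    that posted it inside one sliding window, keeping only peaks >= min_accounts."""
    by_text = defaultdict(list)
    for handle, text, ts in posts:
        parsed = parse_handle(handle)
        if parsed:  # accounts that did not arrive over this bridge chain are skipped
            by_text[" ".join(text.lower().split())].append((ts, parsed[0]))
    flagged = {}
    for text, hits in by_text.items():
        hits.sort()
        start = 0
        for end in range(len(hits)):
            while hits[end][0] - hits[start][0] > window:
                start += 1
            keys = {key for _, key in hits[start:end + 1]}
            if len(keys) >= min_accounts:
                flagged[text] = max(flagged.get(text, 0), len(keys))
    return flagged

# Constructed sample data: keys are filler characters, T0 is an arbitrary epoch.
def _handle(ch):
    return "npub1" + ch * 58 + ".momostr.pink.ap.brid.gy"

T0 = datetime(2000, 1, 1)
SAMPLE_POSTS = [
    (_handle("q"), "remember to always vote Trump", T0),
    (_handle("p"), "Remember to always  vote Trump", T0 + timedelta(minutes=10)),
    (_handle("z"), "remember to always vote Trump", T0 + timedelta(hours=2)),
    (_handle("y"), "remember to always vote Trump", T0 + timedelta(hours=9)),
    ("alice.example.com", "remember to always vote Trump", T0 + timedelta(hours=1)),
    (_handle("r"), "hello world", T0 + timedelta(hours=1)),
]

if __name__ == "__main__":
    print(flag_bursts(SAMPLE_POSTS))  # {'remember to always vote trump': 3}
```

Exact-text grouping would miss the “hello world” variants that carry a varying word, so a production check would need fuzzier text matching than this sketch uses.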
Bluesky stopped the attack pretty fast and deleted the spam accounts. People have asked the company to say whether it will change how it deals with spam or bridges, but it hasn’t done so yet.
This kind of spam attack was possible because Nostr makes it very simple to create new accounts, as the site The Fediverse Report pointed out. The event once again raises the question of what the fediverse, or autonomous social media, really is. If you join Bluesky, are you okay with being part of a network that carries Nostr content? Is Mastodon part of Bluesky’s network now that a bridge has been built?
We don’t really know the answers to these questions yet.