Bad actors are abusing large, open-registration, low-moderation Mastodon instances in order to provide direction to the Vidar Stealer trojan horse, which steals passwords, credit card details, bitcoin wallets, etc.

If you run a large, open-registration, low-moderation instance, please consider changing at least one of those qualities.

@noelle How is anyone supposed to find these *unless* you follow the trail from the malware itself? Seems a bit unfair to blame Mastodon servers here


@Gargron @noelle i think you (the generic you, as an admin) can mitigate the attack surface by limiting the amount of time such an account is live, for example by
- disabling open registration
- increasing moderation and review of new accounts
- limiting the user base to a manageable amount

it's not necessarily blaming servers, but these accounts are absolutely findable and the above strategies help to find them more quickly.

· · SubwayTooter · 1 · 0 · 1

@trwnh @noelle That’s far from practical for everyone. You know that if someone creates an empty/innocent looking profile there’s no way to tell that’s it’s somehow used for a nefarious purpose.

Sign in to participate in the conversation

Server run by the main developers of the project 🐘 It is not focused on any particular niche interest - everyone is welcome as long as you follow our code of conduct!