Devtome Bot Attack: My Take

If you have followed Devtome, even just a little, it is hard to miss the fact that the site was taken down for a while due to a bot attack. Even after its return, things are pretty shaky. This, mixed with some other pretty big things happening in the Bitcoin world, has led some to believe that Devtome was intentionally attacked for some reason. I disagree with this notion and I will explain why, but keep in mind that this is an opinion. There is no telling exactly what happened or what the motive was behind the attack. I am just going based on my knowledge of similar situations and how they work.

So the one thing we know for certain is that Devtome was attacked, or I guess we can say “attacked” (being that we do not know whether the situation was intentional or just some error) by one or more bots. This leads to people jumping straight to the conclusion that there is a nefarious plan to take down the site. How did it cause issues? By flooding the site with registrations.

Now, that is where things get interesting. I can not help but think that there are much better and easier ways to take down the site than by spamming it with registrations. This led me to think about what other possibilties there are, and I feel confident that I know which one it was: wiki posting bots. What are these, you may ask? They are different programs that are designed to do a few things (generally for the purpose of gaining backlinks):

  • Load a list of known wiki sites (DokuWiki and WikiMedia are the big ones, although I am sure there are others that are on the lists as well)
  • Create new accounts on each site (almost always including the ability to use a proxy so as to make many accounts on each site)
  • Post “spun” articles on each site with links back to the original site people are building links to

So how does this play in to what happened recently? Well, I think it was a bot (or many bots) gone awry. I think that what happened is as the Devtome grew, it ended up on the spam lists as a known wiki site that has value. This led to it being loaded in to the bots, and that led to tons of people signing up new accounts (or, rather, attempting to). And voila, we have our situation.

Of course, this may not be what happened, but from the perspective of what is known, I think it is the most plausible explanation. I truly believe that the supposed attack was not an attack at all, but that it was some type of mistake that messed up the registration process for bots.

On a great note to all of this (I try to always look for the silver lining), the situation has led to some changes as to how accounts are handled, and I would argue that it is for the better. Rather than accounts being signed up by each person, it is now handled by admins. This grants a couple enhanced benefits over how the system worked before:

  • It helps us ensure that each new person understands what is going on
  • It helps us keep a listing of each new person so that we can vet them out (rather than having to keep watch of new articles just to see what names pop up that we do not recognize)
  • It just adds some overall accountability for the account system

And, of course, this also helps by not letting people hammer the registration system, whether they be bots or legitimate people attempting to take down the site!


QR Code
QR Code devtome_bot_attack_-_my_take (generated for current page)