Xrumer 16.0 spam now targeting hidden fields / honeypots (core antispam)

They have been bypassing the timer for quite some time, it only catches older ones now.


At time 2:27 you can see what I mean about proxies slowing bots down in the past, and thus passing the registration timer accidently. Now they do it intentionaly
To view this content we will need your consent to set third party cookies.
For more detailed information, see our cookies page.
 
It's been a very long time since I last fiddled with xrumer.

Would adding multiple hidden CAPTCHAs before and after the real one confuse the default XRumer functionality?

How easy would it be for a normal XRumer user to bypass such a non-default heuristic (e.g. calculating z-index's, transparency and positions, firing click/touch, mouse move, or keyboard events if the CAPTCHAs are being lazy loaded etc.)?
 
multiple captcha alone wont confuse it, it just passes any captcha it finds back to xevil, and ones it can't solve back to the user/3rd party

But as honey pots, it depends how you hide them, what you are talking about is effectively a honey pot, so as long as you don't do all the red flags that the core does, you can still use honepots, but hidden field types are now targeted (so weaker than before). There are other types of honeypots that are not hidden fields

... all those things you mentioned are done by fbhp, but we can not rely on hidden fields alone now, so must use other types of honeypots (non hidden fields) that have not been targeted.
 
We have no issues blocking data centers. Worst case scenario we block registration via VPN but people can still connect after registration.

The pattern we saw was they moved from their home nation ISP to rented servers and once they lost that they were using infected PCs with US home ISP IP addresses. It got a little nuts at that point but I think they might have lost their botnet because it stopped.
.


I've now updated fbhp to look a hosts and block "bad hosts", I had done this for years against scrapers in my dedos plugin, so it's wasn't hard to add this to fbhp:
https://xenforo.com/community/resou...t-killer-spam-combat.1085/update?update=21706
 
Top Bottom