Tuesday, May 27, 2008

Panoramio under Spam attack

Last weekend Panoramio suffered a Spam attack. Thousands of users were automatically created by a spammer and thousands of comments with malicious links were posted.

We reacted started deleting those fake users and comments using an internal automated script, but soon we realized that it was going to take too long for the database to delete all them, maybe several days. Therefore we did something that worked faster. We deleted all the text of those spam comments to eliminate the dangerous links. That worked immediately and that's why you will see now many spam comments without text. Gradually during the next days those fake users and the empty comments will be completely deleted. We also have temporarily disabled all e-mail alerts for new comments to reduce the impact of the spam in your mailbox.

Joaquin is working right now in adding a captcha (code inside an image) to the sign-up and to the "add a comment". A captcha is only readable by humans, so it should stop further automated massive attacks. However until the captcha is ready is possible you get some more spam.

Panoramio has been relavitely free of Spam for almost 3 years, but the more popular the site gets, the more probable is an attack. We are terribly sorry for this problem and we would like to apologize for all the trouble that it might have caused to you. I would like to thank all the people that reported the problem and helped to fix it, specially Panamon Creel who contacted snipUrl service and got them to disable the malicious links and block the IP of the spammer.