Friendica Social Network

IFTAS

3 weeks ago • •

IFTAS
3 weeks ago • •

RE: union.place/@tim/1164266914533…

SW-ISAC Alert

The Russian botnet is now using account invites to evade various mitigations in place.

Please review your invite codes, and who's allowed to use them.

#MastoAdmin #FediAdmin #SW_ISAC_ADVISORY

ref: about.iftas.org/library/suspec…

Tim W RESISTS

2026-04-18 16:38:46

Fellow #MastoAdmin people: if you need to track down all users invited by a particular user, here's an SQL query (disclosure: generated by Gemini, vetted and validated by me): see next post.

This entry was edited (3 weeks ago)

Thibaultmol 🌈 reshared this.

in reply to IFTAS

D. Olifant

in reply to IFTAS • 3 weeks ago • •

Also grouping them here.

pelago.1sland.social/report/ev…

Being auto-added to the dataset here:

fires.1sland.social/fires/view…

And the live Community Reports feed:

pelago.1sland.social/report/fe…

Pelago - Suspected Portal Kombat Accounts

Pelago: Island Network Management

^{pelago.1sland.social}

This entry was edited (3 weeks ago)

reshared this

in reply to D. Olifant

IFTAS

in reply to D. Olifant • 3 weeks ago • •

@oli are you pulling from docs.google.com/spreadsheets/d… ?

IFTAS SW-ISAC TLP:Clear - Suspected PK Accounts

^{Google Docs}

@D. Olifant

in reply to IFTAS

IFTAS

in reply to IFTAS • 3 weeks ago • •

@oli you may be interested in drive.google.com/drive/u/0/fol…

SW-ISAC Public - Google Drive

^{Google Drive}

@D. Olifant

in reply to D. Olifant

IFTAS

in reply to D. Olifant • 3 weeks ago • •

@oli just so you know, these are suspected, not confirmed, we have a false positive tracker and of the latest 682 accounts reported we found 4 to be false positives, this is not a perfect science.

@D. Olifant