This morning, all FTM forums except Frequently Asked Mac Questions and Mac FAQ Discussion appeared as if I had never read them. I tried logging out/in but that didn't help. Deleting the FTM cookie and the Safari cache and then re=logging in was unsuccessful. I had installed AdBlock yesterday so I disabled it but that didn't solve the problem.

Other sites seem unaffected so I assume that something is wonky with FTM.

You missed it!

I don't know if it was a denial of services attack or what, but we got hit with a bit more than 1,050 spam posts (Oakley Sunglasses) in a coupl'a hours...every forum, which is why FTM looked like you had never read anything. (They came up faster than I could refresh my browser page.)

Thanks, Artie. All seems well right now.

Having been one of those who notified the moderators of the spam bombing, I hope that one or more will chime in about what happened and whether it can be avoided in future. They did a nice job of cleaning it up in the past couple hours.
It certainly seems as though FTM forums were specifically targeted.

Maybe FTM should feel complimented? After all, the spammers must think that we have such a wide audience that it's worth their while.

I saw it when I opened the site much earlier this morning and thought: "What the……?"

To the folks who cleaned up that mess in such short order, "Well done!"

Looking at the server logs, it doesn't seem to be a denial of service or a particularly targeted attack--just run of the mill bot spam with a misconfigured bot. (Most spam bots are programmed not to hit one target more than a certain number of times to avoid tripping automatic protection; this one was probably just badly configured by the spammer.)

> (Most spam bots are programmed not to hit one target more than a certain number of times to avoid tripping automatic protection; this one was probably just badly configured by the spammer.)

Isn't UBB.threads's lack of automatic protection also bad configuration?

UBB.threads, sadly, lacks automatic flood control and other defenses. Its only defense is a database of known bad IP addresses and forum poster names, and that's not a very effective defense at all when faced with botnets.

I've done some more research, and discovered the spam flood is primarily linking to poorly secured servers in Italy and Switzerland which have been hacked. These hacked servers contain links and redirectors to an Amazon affiliate ID, "as_acph_ap_fallhbag_910_on" (probably automatically generated and possibly one of many). The purpose of the spam run appears to be to generate revenue by Amazon affiliate linking.

I've notified Amazon's security team of thie abuse by this affiliate ID, and notified the Web hosts of the network of compromised servers that they have security issues. With luck, Amazon will shut down the affiliate account--removing the economic incentive to spam appears to be the most effective way to deal with it.

It looked to me like the spam could only be taken down in blocks of 25 posts, and that, combined with its lack defenses, marks UBB.threads as seriously deficient.

Allowing 1,000 posts to go up is bad enough, but not facilitating their removal is compounding the injury.

I'm not disagreeing with you. There are some shortcomings to this software, among them being that it seems to be increasingly poorly supported as time goes on. I'd like to see more robust antispam defenses, Facebook integration (I know not everyone likes Facebook, but the fact is, allowing people to log in with Facebook increases participation tremendously), and better management tools.

Quick update: I just heard back from Amazon's security team. They revoked the Amazon affiliate account of our spammer, so he won't be making any money from his run on FTM.

Just to add a bit of curious perspective to this incident, the spammer first hit at around 2:30AM and left only five posts; he/she/it then came back at around 4:30AM, and that's when the floodgates opened.