While initially delighted for receiving growth overnight, I found it strange that the users who were signing up were doing so every few seconds and minutes.
All the emails in question utilized the @gmail.com domain and began with common English names followed by a hyphen or underscore with a string of at least 15 random characters.
I highly doubt 309 people would want to use an email address with an extra long string appended to the end of it and share it with other people.
Fortunately, I was able to catch it before it grew into the thousands unlike with some other instances. All 309 accounts have been purged from the database, and the user counter should accurately reflect the correct number of users before this incident. As of writing this, there are only 2 registered users for this instance.
I wish the best for other instance admins who have to deal with more than 309 spam accounts with a legitimate audience. For anyone still reading, particularly admins, I recommend enabling the Require email verification AND Captcha options. I noticed almost immediately that the spam account bots stopped.
While nothing too unfortunate happened, I also wish to apologize on the chance someone had a legitimate account and was lurking here or on another instance.
06/21/2023
Update 06/24/2023
As of writing this, 120 additional spam accounts were purged from the database. Rapid sign up frequencies with unusually long strings appended to the end of a common name were utilized once again. Until captchas return in a future version of Lemmy, an undisclosed and much lower registration rate limit will remain in effect to easily identify these bots. The only bot operating from this instance currently should be the MaiionPostBot which takes posts from Reddit and posts them here.
Registration remains open for any legititmately interested people.Edit: Due to the spam accounts consistently making accounts at every half hour mark, new account registrations will be approved manually. This will be temporary until captchas are reimplemented. For now, applicants must explain in a sentence with at least 10 words why they want to join.