This seems to be a real problem on Docker Hub. I’ve come across results like this from Google searches in the past. The problem is much more apparent if you use the Hub search though. Sorting the results of a search for “download” by recently updated reveals multiple suspicious repos owned by different accounts. “crack” and “manual” are a couple other terms that yield lots of spammy results. Most of the suspicious repo descriptions contain malicious links. The accounts each tend to have somewhere under 200 similar repos, and most of the ones I looked at were created in mid-April of this year. Here’s a random sampling of account names I found utilizing this method. This is by no means a complete list:
derecerpres
nittesthoba
derwsnadinti
guskingtimpsuc
cusymmuaatroc
sadgeberstrap
elsuslechal
Hopefully the Docker team will take steps to combat the posting of malicious links to their platform, or at least provide some kind of reporting mechanism for suspicious repos.
This is so much worse than this thread shows off. There are potentially 100,000+ spam repos from what I’ve been seeing. Almost every spam account I find has 200+ repos. It only takes 500 accounts to reach that 100k repos mark.
You can follow my journey on Twitter with trying to get this fixed.
Because this forum is a community forum, staff members do not always see the reports here. There are similar reports on GitHub, which is a better place to report issues related to Docker Hub: https://github.com/docker/hub-feedback/issues
I can understand why you feel this way.
I don’t know if Docker Hub has any spam filter, but even if it has, these spam filters are never perfect. I think we can help Docker by reporting some users, but we should have an easy way to do it at least. Of course, I agree with you, the best would be if we could not report them at all. Let’s hope Docker can at least notice most of them in the future. This GitHub issue is better than nothing, but not everyone will find it and I don’t think they want to contact the Docker support for this even once.
I will open a feature request on the Docker Roadmap. I will come back with the link.
I opened the feature request and also added a note that this button could be a temporary solution until they can implement a spam filter.
Well, we don’t know what they have and how many more accounts are blocked, but I would not be surprised if you were right.
Please, add your comment on the opened feature request and feel free to suggest that it would not be enough. I usually want at least some partial solution which can easily be done, but if they see the problem and there are enough comments they might do something even better.
To tell you the truth, I have never found any spam accounts before you reported it. Probably because I usually filter to official images or I know what I am looking for and I use words which are not likely to be on these pages. Even if an image is real, it can contain malicious software so having a report button could be used for that too.
You could comment too and/or share the spam link in the hub feedback issue linked in this topic and in the feature request in my first post. I know, there are still existing accounts that were reported, this is why I added a new comment in my request, but that is at least better than sharing here where we can’t delete it and the hub team is currently not notified about reports on the forum.