Spam Post on Docker Hub

joehillen · July 8, 2021, 1:28am

I don’t know how or where to report this, but I was googling for a manual for my ceiling fan and came across this:

https://hub.docker.com/r/ognomato/harbor-breeze-model-lgf-manuals

It’s clearly spam and possibly malicious.

This user has created 255 repos all with the same BS:

https://hub.docker.com/u/ognomato

kizbitz · July 8, 2021, 6:04pm

@joehillen - Thank you! Taken care of.

Jerry

nedgibert · July 28, 2021, 1:57pm

New spam Docker Hub

jtrouth · August 14, 2021, 12:51am

This seems to be a real problem on Docker Hub. I’ve come across results like this from Google searches in the past. The problem is much more apparent if you use the Hub search though. Sorting the results of a search for “download” by recently updated reveals multiple suspicious repos owned by different accounts. “crack” and “manual” are a couple other terms that yield lots of spammy results. Most of the suspicious repo descriptions contain malicious links. The accounts each tend to have somewhere under 200 similar repos, and most of the ones I looked at were created in mid-April of this year. Here’s a random sampling of account names I found utilizing this method. This is by no means a complete list:

derecerpres
nittesthoba
derwsnadinti
guskingtimpsuc
cusymmuaatroc
sadgeberstrap
elsuslechal

Hopefully the Docker team will take steps to combat the posting of malicious links to their platform, or at least provide some kind of reporting mechanism for suspicious repos.

omgimalexis · March 20, 2022, 9:52pm

This is so much worse than this thread shows off. There are potentially 100,000+ spam repos from what I’ve been seeing. Almost every spam account I find has 200+ repos. It only takes 500 accounts to reach that 100k repos mark.

You can follow my journey on twitter with trying to get this fixed.

omgimalexis · March 20, 2022, 9:53pm

Shows how little this forum is checked as that link still works.

rimelek · March 21, 2022, 9:34am

Because this forum is a community forum Staff members not always see the reports here. There are similar reports on GitHub, which is a better place to report issues related to Docker Hub:
https://github.com/docker/hub-feedback/issues

One similar issue where a collaborator has already responded: https://github.com/docker/hub-feedback/issues/2208

I think Docker Hub needs a button on every repository page to report it as a spam.

omgimalexis · May 11, 2022, 3:45am

Nothing at all has been done on your end to fix this issue. I’ll repeat this once again. WE SHOULD NOT NEED TO MANUALLY REPORT THESE.

github.com/docker/hub-feedback

Abuse report, no images, just malicious links in descriptions

opened 08:13AM - 13 Feb 22 UTC

Artanicus

## Problem description Hub has no built-in abuse reporting, so reporting here instead. The user synlapoolca1970 seems to host only malicious links with no images published. **URL**: https://hub.docker.com/u/synlapoolca1970 # Task List - [x] This is **NOT** a security issue - [x] I do **NOT** have a Docker subscription - [x] I have looked through other issues and they do **NOT** apply to me

rimelek · May 11, 2022, 8:23pm

I can understand why you feel this way.
I don’t know if Docker Hub has any spam filter, but even if it has, these spam filters are never perfect. I think we can help Docker by reporting some users, but we should have an easy way to do it at least. Of course, I aggree with you, the best would be if we could not report them at all. Let’s hope, Docker can at least notice the most of them in the feature. This GitHub issue is better than nothing, but not everyone will find it and I don’t think they want to contact the Docker support for this even once.

I will open a feature request on the Docker Roadmap. I will come back with the link.

omgimalexis · May 11, 2022, 8:36pm

… come on. I’ve been reporting these since 2018. They don’t even have basic stuff blocked by spam filters.

rimelek · May 11, 2022, 9:01pm

I opened the feature request and also added a note that this button could be a temporary solution until they can implement a spam filter.

github.com/docker/roadmap

An easy way to report spam accounts and images on Docker Hub

opened 08:41PM - 11 May 22 UTC

rimelek

community_new docker_hub

**Tell us about your request** There are many accounts on Docker Hub with only …pictures, external links to potentially malicious websites, softwares, We should have an easier way to report accounts or images. I would suggest a "Report" button on the page of every accounts and repositories. It could be one button to open a confirmation page with an optional text field to add some explanation or a DropDown list to choose from some preconfigured possible reasons. **Which service(s) is this request for?** Docker Hub **Tell us about the problem you're trying to solve. What are you trying to do, and why is it hard?** There is a topic on the Docker forum with multiple reports. https://forums.docker.com/t/spam-post-on-docker-hub/112271/ I suggested to report these on the Hub Feedback repo where I found an existing issue: https://github.com/docker/hub-feedback/issues/2208 Unfortunately, I can understand people why they don't want to contact the Docker support or open a new issue. If someone realizes an account is a spammer, they just won't pull anything from that account and obviously won't click on anything, so it is mainly not for them but for everyone else. Although, when you search for something, it could be annoying to find multiple spam accounts. **Additional context** Since the user, who reported the issue last time stated it was easy to find spam accounts, I tried to search on the Hub for "download" and I found one very soon. So having a report button is my short term request, bevause I think it is much easier to implement then improving an automatic spam filter or even implementing one from scratch.

Well, we don’t know what they have and how much more accounts are blocked, but I would not be surprised if you were right.

Please, add your comment on the opened feature request and feel free to suggest that it would not be enough. I usually want at least some partial solution which can easily be done, but if they see the problem and there are enough comments they might do something even better.

To tell you the truth I have never found any spam accounts before you reported it. Probably because I usually filter to official images or I know what I am looking for and I use words which are not likely to have on these pages. Even if an image is real, it can contain malicious software so having a report button could be used for that too.

nevergone · February 24, 2023, 10:14pm

Spammer user:
https://hub.docker.com/u/stephdenemas

rimelek · February 25, 2023, 12:48am

Thanks for sharing. Unfortunately we can’t delete it. I commented on the feature request again that I opened last year (An easy way to report spam accounts and images on Docker Hub · Issue #341 · docker/roadmap · GitHub).

You could comment too and/or share the spam link in the hub feedback issue linked in this topic and in the feature request in my first post. I know, there are still existing accounts that was reported, this is why I added a new comment in my request, but that is at last better than sharing here where we can’t delete it and the hub team is currently not notified about reports on the forum.