question

Raf avatar image
Raf asked

Hundreds of new accounts created from China every minute. We're not availble in China. What to do?

Hi guys,

We just had a crazy influx of new users in our title and we have no idea how nor what to do about it. The new accounts are all from android devices in China (where our app is not even available).

Could this possibly be some sort of attack?

The new users just absolutely spiked out of nowhere, as you can see in the graph. It happened for a few hours and then it completed came to a halt and it all went away. Hours later the same thing happen, generating 600 new users every 5 minutes and is still going on as i write this ticket. (see graph below)

Have you guys had any sort of experience with other titles that encountered this issue? What is the appropriate measure here? Should we try to block new users from China? Is that even possible in the PlayFab console?

Thank, any help would be greatly appreciated!

TitleId: 2144

android
screen-shot-2022-08-30-at-95708-pm.png (179.6 KiB)
10 |1200
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

1 Answer

·
Xiao Zha avatar image
Xiao Zha answered

>>Have you guys had any sort of experience with other titles that encountered this issue?

We have not received other title’s report about this sort of issue for now.

>>What is the appropriate measure here? Is that even possible in the PlayFab console?

You could check the IP address of these newly created accounts, and if they come from the same IP, you could Ban the IP with API Ban Users or add ban in the player’s Bans page to see if the problem still exists.

>>Should we try to block new users from China?

If your app does not provide services within China, you could try to block new users from China.

2 comments
10 |1200
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Raf avatar image Raf commented ·

Thanks Xiao,

To the second answer, we tried to IP ban lots of the accounts but that didn't do anything as they're all seem to be coming from different IP addresses.

To the third answer, can you expand on that? Block how? Is there a way in the console to prevent accounts from being created based on region?

We added some server logic to avoid the accounts to get passed the login phase but as far as i know, there's nothing we can do to prevent the spamming of new accounts?

Thanks

0 Likes 0 ·
JayZuo avatar image JayZuo ♦ Raf commented ·

Currently, PlayFab does not provide a feature to prevent API requests based on region. You can try to deny all anonymous login mechanisms with API Access Policy. This should help you block most malicious login。

0 Likes 0 ·

Write an Answer

Hint: Notify or tag a user in this post by typing @username.

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.