MRL has recently noticed the same issue and is discussing solutions: https://github.com/monero-project/research-lab/issues/126
Monero
This is the lemmy community of Monero (XMR), a secure, private, untraceable currency that is open-source and freely available to all.
Wallets
Android (Cake Wallet) / (Monero.com)
iOS (Cake Wallet) / (Monero.com)
Instance tags for discoverability:
Monero, XMR, crypto, cryptocurrency
yea and all above IP ranges are found at the top of https://github.com/Boog900/monero-ban-list/blob/main/ban_list.txt. The ban list is good but it is not enabled by default.
100.42.27.* is banned on the one above but not the official monero ban list indicating new malicious subnets appearing.
Interesting observation, would it be difficult to detect such anomalies automatically?
The attacker can just be smarter and use various ASNs + out-proxies for their backend.
My background is small-world network in distributed systems and anti-censorship software like Hyphanet. If the goal is to evict/lessen the purview of the metadata harvesting nodes then some version of web-of-trust + proof of work could be implemented.
Interesting, thanks for sharing!
This post/thread needs to be way way higher up for everyone to see. Sounds just like all the malicious nodes on the tor network. Everything gets tapped eventually. Hopefully a solution can be found. What is the easiest method to host a tor and XMR node safely? I've got a server PC to offer up for good use. Anything possible on a home network or too risky?
https://inv.nadeko.net/watch?v=OviYhLZ02qg - fullnode over tor guide
also the pinode project is really helpful, not just for raspberry pis, neat package - then select tor only