Update on Recent Attacks against Mayan EDMS
We’ve been experiencing a new wave of sustained attacks against Mayan EDMS since October 2024, and we want to provide our community with an update on what’s happening.
These attacks are not new; they’ve been ongoing for as long as the project has existed. However, this latest wave is distinct from previous ones in its scope and complexity. It appears to be orchestrated by a well-funded entity that’s hired services across multiple sectors to launch a multi-pronged assault on our reputation, infrastructure, and financial health.
The Attacks
We’ve identified and documented several components of these attacks.
Reputation Attack
A coordinated effort to harm our reputation through fake news stories, propaganda, and disinformation campaigns. This started with a Reddit post that was amplified by other sites without proper fact-checking or counterpoints.
The traffic of sites like HackerNews were enough slant the search results and causing searches for “Mayan EDMS” to only return negative, unrelated, or non canonical results.
My personal Wikipedia page was deleted as part of this attack. My personal Wikipedia page was unmaintained and had accumulated non factual information therefore the deletion of the page had no negative effects.
Denial of Service (DoS) Attacks
Our website, documentation page, and forum have been subject to DoS attacks, which aim to overwhelm our systems and prevent us from countering the reputation attack.
Since this is the most common attack we experience, the preparations we have in place have been enough with only temporary slowdowns lasting just minutes.
All sites are backed up to multiple destinations and methods including offline storage.
The sites are hosted in different compute sources at different providers.
Financial Manipulation
Anonymous email accounts are contacting users and supporters with false claims of fraud, attempting to convince them to cancel their support subscriptions or Knowledge Base memberships.
As of today November 17, we’ve not seen a downturn of subscriptions that would indicate this attack is being successful.
Banking Attacks
Our banks have received fake reports of fraudulent activity, leading one bank to close our commercial account without notice.
We’ve contacted all of our remaining banks warning of this attack.
The bank that cancelled our account was not actively used in part due to their practice of prioritizing political activism above economic activity.
Legal Threats
We’ve received an increase in legal threats which we’re addressing with the help of additional legal team members.
Mayan EDMS IP protections have been in place for years so these attacks are ineffective and just meant to draw on our financial resources.
Since Mayan EDMS is commonly used by our user and clients to battle such attrition attacks common in lawfare our legal team is well versed in countering attacks of this kind.
Hacking attempts
There is an increased attempts to hack and gain of project and personal accounts. All critical accounts are protected by methods that extend beyond just password like multi factor authentication. So far no critical account has been hacked.
In the event an account is compromised we’ll make an immediate announcement to prevent abuse.
Licensing Issues
Increased number of fake projects are using our open-source code under rebranded names, removing copyright and license information.
So far the only result is obscuring of search results. However if you notice a new document management project contacting you or your organization for paid services pay close attention to their UI, feature set and their source code, and compare with Mayan EDMS’ before making a purchasing decision.
Negative SEO Campaigns
New attacks on search engine rankings have been launched.
Multiple pages from the homepage, documentation, and forum are not being indexed by search engines.
Since SEO has not been a part of our marketing strategies for a number of years, these new attacks while effective in their technical execution have not caused changes in our revenue streams or customer reach.
Mailing List Provider Abuse
We’ve received reports of increased fraud activity from mailing list providers, but since we self-host all of our lists, this attack is ineffective.
Distribution Channel Attacks
Our Docker and ArtifactHub repositories are experiencing denial-of-service attacks, which are being mitigated by their respective systems.
ArtifactHub is mostly an information service therefore as long as users follow the official installation procedure shown in our documentation page this attack is ineffective.
Spam
The most aggressive attack we’re facing is the spam assault on our forum. On November 16th, we took proactive steps by temporarily shutting down the site to install enhanced tools designed to detect and prevent spam. Unfortunately, due to the inherently reactive nature of spam mitigation, this type of attack will likely continue to have some impact.
These new tools have been effective in increase the detection rate and automatic flagging of spam even with the new behaviors we are seeing.
Out of all the attacks this is the one that will continue to present a challenge.
In an effort to balance security with user experience, our approach involves continuously updating our anti-spam measures in response to emerging threats. This means that while we can effectively counter new spam tactics after they’ve been identified, there’s always a lag between the time a new behavior is discovered and when it’s blocked by our systems.
We’ll continue to refine our spam detection tools and adapt to new threats as they arise, but we appreciate your understanding that complete eradication of spam may not be possible specially since we need to balance spam elimination with avoiding blocking genuine content.
Conclusion
These coordinated attacks demonstrate a malicious intent to harm or kill the Mayan EDMS project. We want to assure our community that these efforts are not reflective of the actual technical or commercial health of the project, in fact quite the opposite.
The continued and growing success of Mayan EDMS in all areas is the reason these unknown actor(s) need to resort to such practices since otherwise they or their products cannot compete with Mayan EDMS, our success stories and our constant stream of migrations away from their products.