by midhir 305 days ago
> Then came the weirdness: bursts of Tor traffic, spammy signups

I have a small hobby site - maybe a few hundred real users ever, and a handful of regulars. But the logs and users table are full of brute-force and lousy SQL injection attempts.

Why does this happen? How is it economical?

4 comments

Automated attacks, running on botnets or other breached servers.

Spraying 1-in-100000 chance attacks is very economical if you don't pay for compute or traffic.

It's economical because the compute and bandwidth come from devices infected with malware.

Put a challenge in. A shitty hidden field honeytrap challenge can massively reduce this without needing to present people with a puzzle.

They are automated bots; it's economical when it's automated.

Often, they have databases of technologies, see what they come across and try a bunch of things that have worked, or try to look at the version of the software on your server and try just that.
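
The hidden-field challenge suggested in the thread, sketched server-side as an added example (not code from any commenter). The field name `website`, the form markup and the sample request bodies are all constructed assumptions.

```python
from urllib.parse import parse_qs

# Hypothetical decoy name: something a form-filling bot is likely to populate.
HONEYPOT_FIELD = "website"

# The decoy is a normal text input moved off-screen, so people never see or
# tab into it, while a bot that parses the HTML finds one more field to fill.
SIGNUP_FORM = f"""<form method="post" action="/signup">
  <input name="email" type="email" required>
  <input name="password" type="password" required>
  <div style="position:absolute;left:-9999px" aria-hidden="true">
    <input name="{HONEYPOT_FIELD}" type="text" tabindex="-1" autocomplete="off">
  </div>
  <button>Sign up</button>
</form>"""


def classify_signup(body: str) -> str:
    """Classify a urlencoded POST body as 'accept', 'bot-filled' or 'bot-no-form'."""
    # keep_blank_values=True is essential: a real browser submits the decoy as
    # an empty string, and parse_qs drops empty fields by default.
    fields = parse_qs(body, keep_blank_values=True)
    if HONEYPOT_FIELD not in fields:
        # The request was built without the rendered form (hard-coded field list).
        return "bot-no-form"
    if any(value.strip() for value in fields[HONEYPOT_FIELD]):
        # Something was typed into a field no person can see.
        return "bot-filled"
    return "accept"


# Constructed sample submissions, not taken from real logs.
SAMPLES = {
    "browser": "email=ann%40example.com&password=hunter2&website=",
    "form_filler": "email=x%40example.net&password=p&website=http%3A%2F%2Fspam.example",
    "scripted_post": "email=y%40example.org&password=q",
}

if __name__ == "__main__":
    for name, body in SAMPLES.items():
        print(f"{name:14} -> {classify_signup(body)}")
```

Rejected submissions are best answered with the same response a successful signup gets and simply not stored, so the logs and users table stay clean without telling the sender which field gave it away.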