Massive Crypto Twitter Botnet Uncovered by Researchers - Bitsonline

Massive Crypto Twitter Botnet Uncovered by Researchers

A pair of researchers have uncovered a sophisticated botnet involved in promoting scam crypto-giveaways on Twitter. Their report offers a detailed picture of a phenomenon that users of Crypto Twitter have long been aware of.

Also read: Red Bull Attempts to Boost Digital Engagement Via Crypto

Subscribe to the Bitsonline YouTube channel for great videos featuring industry insiders & experts

Botnet Floods Twitter With Scam Offers of Free Cryptocurrency

Those who keep up with crypto news via Twitter are well aware of the phenomenon of automated accounts, or bots, impersonating high-profile users and responding relentlessly to their tweets with offers of free cryptocurrency.

It has become so prevalent in the last year that many prominent people in crypto have taken to renaming themselves to avoid confusion, with Vitalik Buterin changing his name to “Vitalik Non-giver of Ether” and Binance CEO Changpeng Zhao going by “CZ (not giving crypto away)”.

Earlier this month, crypto analyst and investor Joseph Young reported a bot impersonating his account to Twitter, but the company refused to help:

Report Analyzed Millions of Twitter Accounts

Jordan Wright and Olabode Anise of Duo Security looked further into these “crypto-giveaway” scam accounts in a new report entitled “Don’t @ Me, Hunting Twitter Bots at Scale.” Between May and July of 2018, they detected and monitored a sophisticated botnet involving at least 15,000 accounts organized into a three-tier hierarchy.

The duo collected information on 88 million public Twitter profiles, and then used a machine learning algorithm to classify accounts as either human controlled or automated. The researchers then performed further analysis, looking at which accounts the bots followed and who retweeted and liked their tweets. This revealed a sophisticated three-tier Crypto Twitter botnet structure, where bots had different roles, such as publishing spam, amplifying tweets, or following other bot accounts to make them seem legitimate.

The first tier are bots which impersonate the account of a reputable crypto personality by copying its avatar and display name, often having usernames that are similar to the real account. These accounts then generate spam posts, replying to tweets from the genuine accounts and posting links to where free crypto could supposedly be had.

The researchers noticed that many of these fake accounts all followed the same Twitter accounts, which they call “hub accounts.” Not all of the accounts in this tier of the botnet were involved in the scam, as some were only followed by the bots to give them the impression of being real. But the identification of the hub accounts allowed the researchers to identify further fake accounts.

At the final tier were amplification bots, which liked tweets posted by the first-tier bots in an attempt to make them appear genuine. The discovery of amplification bots also led the researchers to discover more first-tier bots. All three levels of the botnet are mapped out in this graphic:

Crypto Twitter botnet mapping
Green lines represent likes, while black lines represent a follower/following relationship

Report Comes After Social Media Companies Take Belated Action

The use of social media platforms as a way to spread disinformation, conduct online harassment, and deliver spam has dogged tech media companies for years. A few weeks ago, Twitter announced it would begin removing tens of millions of accounts that had previously been locked after displaying suspicious behavior. In February of this year, the social media giant also announced changes to its API that would limit the use of software used to control bot accounts.

A recent Bloomberg report found that authoritarian governments around the world have set up troll farms that leverage social media in order to spread pro-regime messages and attack critics. Controversy also surrounds people like conspiracy theorist Alex Jones and his website Infowars.

Though Jones claims a free speech defense, this week Facebook, Apple, Spotify, and YouTube announced they had removed some of his accounts from their platforms. Despite showing increased willingness to act of late, it’s unclear if the tech giants’ responses will be enough to solve the numerous issues on their platforms.

Have your say. Is Twitter doing too little, too late about this Crypto Twitter botnet issue? Why are they unable to fix the problem, as highlighted by Joseph Young above? 

Images via Pixabay

Related News