In July we reported on Coin Digital how a huge network of Twitter bot accounts was running a cryptocurrency scam, which led leaders in the crypto industry to reduce the usage of their Twitter accounts to prevent people from falling for these “giveaway” scams.
And as if things weren’t bad enough, these bots then started targeting high-profile entrepreneurs and personalities in the tech industry as well.
Well, according to ITPro, Duo Security led research into this, looking at 88 million Twitter accounts from May to July. They used machine learning to identify bots, malicious or otherwise, on the platform.
Unsurprisingly, the research team found a single network of 15,000 bots working in a three-tiered structure to spread fake cryptocurrency giveaways. The amazing thing about these bots was that they were evolving in real time to avoid detection. That is really interesting because I never thought that these bots would be that advanced.
I thought that these were just some basic level bots that someone created just to see if they could use their programming skills to make some money on the side. But this seems like the work of a highly skilled programmer who definitely knows what they are doing.
After the discovery of this huge network, the Duo team published a paper in which they went into detail about how the botnet works. They will also be presenting the paper at the 2018 Black Hat cybersecurity event on Wednesday.
How These Botnets Work
To get started, the bots would first create a copycat account for a genuine cryptocurrency or tech-related account. They would copy everything, top to bottom: the handle, the profile picture, the bio.
After that, they would start replying to the tweets posted by the real account. This way, they are able to lure into the scam Twitter users who think that these replies are from the real account.
To add to the complexity of the whole thing, these bot accounts had other fake accounts that would “like” their scam tweets, artificially increasing the popularity of the tweets and leading other people to believe that they are doing a legitimate giveaway.
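A defender-side sketch of the pattern described above, as an added example that is not from the original article or from Duo's paper: it flags reply authors that mirror the original poster's profile, then surfaces accounts that repeatedly like those replies. The thread structure, field names, thresholds and every sample account are assumptions constructed for illustration.

```python
from collections import Counter
from difflib import SequenceMatcher
import unicodedata

def norm(text):
    """Casefold and drop accents, spaces and punctuation so look-alikes compare equal."""
    text = unicodedata.normalize("NFKD", text).casefold()
    return "".join(ch for ch in text if ch.isalnum())

def copycat_signals(original, author, handle_threshold=0.85):
    """Profile fields on which a *different* account mirrors the original poster."""
    if author["handle"].casefold() == original["handle"].casefold():
        return []  # the genuine account replying in its own thread
    signals = [f for f in ("name", "bio") if norm(author[f]) == norm(original[f])]
    ratio = SequenceMatcher(None, norm(author["handle"]), norm(original["handle"])).ratio()
    if ratio >= handle_threshold:
        signals.append("handle")
    return signals

def analyse(threads, min_signals=2, min_shared=2):
    """Return (copycat handles, accounts that liked >= min_shared copycat replies)."""
    copycats, liker_hits = [], Counter()
    for thread in threads:
        for reply in thread["replies"]:
            if len(copycat_signals(thread["author"], reply["author"])) >= min_signals:
                copycats.append(reply["author"]["handle"])
                liker_hits.update(set(reply["liked_by"]))
    amplifiers = sorted(h for h, n in liker_hits.items() if n >= min_shared)
    return copycats, amplifiers

def acct(handle, name, bio):
    return {"handle": handle, "name": name, "bio": bio}

# Constructed sample data: every handle, name and bio below is made up.
COIN = acct("examplecoin", "Example Coin", "Official account of Example Coin.")
FOUNDER = acct("techfounder_ex", "Tech Founder", "Building things.")
SAMPLE_THREADS = [
    {"author": COIN, "replies": [
        {"author": acct("examplec0in", "Example Coin", COIN["bio"]),
         "liked_by": ["amp_a", "amp_b", "amp_c"]},
        {"author": acct("alice_dev", "Alice", "Rust dev"), "liked_by": ["bob"]},
        {"author": COIN, "liked_by": ["bob", "carol"]}]},
    {"author": FOUNDER, "replies": [
        {"author": acct("techfounder_ex_", "Tech Foundér", FOUNDER["bio"]),
         "liked_by": ["amp_a", "amp_b", "carol"]}]},
]

print(analyse(SAMPLE_THREADS))
```

Requiring two matching profile fields keeps a fan who merely shares a display name out of the results, and counting likers across threads is what separates the amplification accounts from ordinary users who liked a single reply.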
Twitter has been actively working on shutting down these types of accounts, but because the accounts are evolving and getting good at avoiding detection, they are making the whole thing harder for Twitter.
But Duo is planning to open source the techniques described in the paper in hopes that social networks can develop new techniques to identify these scambots and help keep social networks a safe and healthy place.