15,000-strong Army of Twitter Robots Found Spreading Cryptocurrency Spam
Twitter may be fighting the bot battle, but it’s still got plenty of multi-legged e-millipedes crawling around its ecosystem.
That was evidenced by a large, cryptocurrency scam-spewing collection of robot accounts – at least 15,000 of them – found by Duo Security researchers while they were conducting a three month study.
The researchers announced the find on Wednesday at the Black Hat security conference.
The cryptocurrency scambots found by Duo led to some valuable insights into both how robot accounts operate and how they evolve over time to evade detection.
Right now, the Duo Security researchers say the bots are still functioning, imitating otherwise legitimate Twitter accounts, including news organizations, to bleed money from unsuspecting users via malicious “giveaway” links.
The researchers even found Twitter recommending some of the robot accounts in the Who to follow section in the sidebar.
Typically, the bots first created a spoofed account for an existing cryptocurrency-affiliated account.That spoofed account would have what appeared to be a randomly-generated screen name – say, @o4pH1xbcnNgXCIE – but it would use a name and profile picture pilfered from the existing account.
Bolstered by all that genuine-looking window dressing, the bot would reply real tweets posted by the original account.The replies would contain a link inviting the victim to take part in a cryptocurrency giveaway.
Read more: Naked Security