15,000-strong Army of Twitter Robots Found Spreading Cryptocurrency Spam

Dr. Eduardo Rocha Senior Solutions Engineer & Security Analyst @ GlobalDots
1 Min read

Twitter may be fighting the bot battle, but it’s still got plenty of multi-legged e-millipedes crawling around its ecosystem.

That was evidenced by a large, cryptocurrency scam-spewing collection of robot accounts – at least 15,000 of them – found by Duo Security researchers while they were conducting a three month study.

The researchers announced the find on Wednesday at the Black Hat security conference.

The cryptocurrency scambots found by Duo led to some valuable insights into both how robot accounts operate and how they evolve over time to evade detection.

Right now, the Duo Security researchers say the bots are still functioning, imitating otherwise legitimate Twitter accounts, including news organizations, to bleed money from unsuspecting users via malicious “giveaway” links.

The researchers even found Twitter recommending some of the robot accounts in the Who to follow section in the sidebar.

Typically, the bots first created a spoofed account for an existing cryptocurrency-affiliated account.That spoofed account would have what appeared to be a randomly-generated screen name – say, @o4pH1x­bcnNgXCIE – but it would use a name and profile picture pilfered from the existing account.

Bolstered by all that genuine-looking window dressing, the bot would reply real tweets posted by the original account.The replies would contain a link inviting the victim to take part in a cryptocurrency giveaway.

Image Source

Read more: Naked Security

Latest Articles

AWS FinOps Best Practices

Amazon Web Services (AWS) is the most established cloud vendor on the planet – its vast array of services increases every year, with a staggering 200 new offerings released in 2020 alone. These services offer businesses the ability to adjust resources based on demand – a cost-effective pay-as-you-go model and a global infrastructure for widespread […]

Nesh (Steven Puddephatt) Senior Solutions Engineer @ GlobalDots
30th November, 2023
Reduce Cloud Costs by Up to 80% with Automated K8s

In the dynamic landscape of cloud computing, Kubernetes (K8s) has emerged as a cornerstone for container orchestration. There is no doubt that K8s clusters are effective, yet companies continue to grapple with the complexities of managing K8s clusters, especially in production. GlobalDots, recognizing this challenge, has curated a pioneering solution: a platform that transforms the […]

GlobalDots
30th November, 2023
FinOps Tools: Key Factors to Consider

For organizations already well-established in the cloud, vendors such as AWS and Azure often bite large chunks out of annual revenue. Monthly cloud bills accumulate quickly  – the 5 biggest cloud vendors rake in a combined total revenue of over $80 billion a year, with Microsoft and Amazon claiming the lion’s share of over $20 […]

Nesh (Steven Puddephatt) Senior Solutions Engineer @ GlobalDots
22nd November, 2023
AWS Innovations Decoded: GlobalDots’ Top 20 Picks

Join AWS experts from GlobalDots as they decode the top 20 cloud innovations you need to know in a 2 part Webinar. Gain insider insights on leveraging these transformative technologies to boost performance, tighten security, and reduce costs. Discover real-world applications to apply these advancements to your business. Reserve your spot now! 🚀 Stay Ahead: Learn […]

GlobalDots
31st October, 2023

Unlock Your Cloud Potential

Schedule a call with our experts. Discover new technology and get recommendations to improve your performance.

Unlock Your Cloud Potential