Twitter’s cryptocurrency scam botnets are the focus of new research aimed at fighting the phenomenon.
New research published today, Aug. 6, has shed light on the infamous phenomenon of cryptocurrency-related Twitter accounts advertising fake “giveaways,” revealing a network of at least 15,000 scam bots.
The analysis of Twitter bots, which continue to aggravate and even fool unsuspecting users, came from cybersecurity company Duo Security.
The project involved a huge tranche of 88 million Twitter accounts, with researchers using machine learning techniques to train a bot classifier.
Using just the latest 200 tweets from each account, the classifier unearthed a mesh of 15,000 bots at work spreading fake competitions and impersonating some of the cryptocurrency industry’s best-known figures and businesses.
“Users are likely to trust a tweet more or less depending on how many times it's been retweeted or liked. Those behind this particular botnet know this, and have designed it to exploit this very tendency,” Duo data scientist Olabode Anise said in an accompanying press release.
Those who have fallen victim to the scams’ attempts at identity theft have long changed their Twitter handles to warn others they were not giving away coins or tokens –– such as Ethereum co-founder Vitalik Buterin’s Twitter, Vitalik Non-giver of Ether.
For those actively on “crypto Twitter,” the bots have become almost part of the scene, due to the ubiquity of their fake promotions.
Despite their huge numbers, Duo found, the bots are also actively engaged in avoiding being shut down.
“The bots’ attempts to thwart detection demonstrate the importance of analyzing an account holistically, including the metadata around the content,” Anise continued:
“For example, bot accounts will typically tweet in short bursts, causing the average time between tweets to be very low. Documenting these patterns of behavior can also be used to identify other malicious and spam botnets.”
Anise and fellow researcher, principal R&D engineer Jordan Wright, will present their findings at the 2018 Black Hat USA security conference in Las Vegas this Wednesday, August 8.
Responding to the research, Twitter said it was “aware” of the problem, telling Duo “[s]pam and certain forms of automation are against Twitter's rules. In many cases, spammy content is hidden on Twitter on the basis of automated detections,” adding in defense “[l]ess than 5% of Twitter accounts are spam-related.”