Researchers Reveal Network of 15K Crypto-Related Scam Bots on Twitter

Published at: Aug. 6, 2018

New research published today, Aug. 6, has shed light on the infamous phenomenon of cryptocurrency-related Twitter accounts advertising fake “giveaways,” revealing a network of at least 15,000 scam bots.

The analysis of Twitter bots, which continue to aggravate and even fool unsuspecting users, came from cybersecurity company Duo Security.

The project involved a huge tranche of 88 million Twitter accounts, with researchers using machine learning techniques to train a bot classifier.

Using just the latest 200 tweets from each account, the classifier unearthed a mesh of 15,000 bots at work spreading fake competitions and impersonating some of the cryptocurrency industry’s best-known figures and businesses.

“Users are likely to trust a tweet more or less depending on how many times it's been retweeted or liked. Those behind this particular botnet know this, and have designed it to exploit this very tendency,” Duo data scientist Olabode Anise said in an accompanying press release.

Those who have fallen victim to the scams’ attempts at identity theft have long changed their Twitter handles to warn others they were not giving away coins or tokens –– such as Ethereum co-founder Vitalik Buterin’s Twitter, Vitalik Non-giver of Ether.

For those actively on “crypto Twitter,” the bots have become almost part of the scene, due to the ubiquity of their fake promotions.

Despite their huge numbers, Duo found, the bots are also actively engaged in avoiding being shut down.

“The bots’ attempts to thwart detection demonstrate the importance of analyzing an account holistically, including the metadata around the content,” Anise continued:

“For example, bot accounts will typically tweet in short bursts, causing the average time between tweets to be very low. Documenting these patterns of behavior can also be used to identify other malicious and spam botnets.”

Anise and fellow researcher, principal R&D engineer Jordan Wright, will present their findings at the 2018 Black Hat USA security conference in Las Vegas this Wednesday, August 8.

Responding to the research, Twitter said it was “aware” of the problem, telling Duo “[s]pam and certain forms of automation are against Twitter's rules. In many cases, spammy content is hidden on Twitter on the basis of automated detections,” adding in defense “[l]ess than 5% of Twitter accounts are spam-related.”

Tags
Related Posts
New York polls crypto firms on security measures after Twitter hack
The New York Department of Financial Services, or NYDFS, has released a lengthy report analyzing the impact of July’s high-profile Twitter hack, which resulted in the theft of over $118,000 worth of Bitcoin (BTC). Far beyond the immediate material impact, the NYDFS states that the incident exposed deep cybersecurity weaknesses of a publicly-traded social media company valued at $37 billion and counting over 330 million active monthly users. The discovery has serious consequences in light of the platform’s ever-expanding influence on both financial markets and the political sphere. Two key sections of the NYFDS report, published on Oct. 14, tackle …
Bitcoin / Oct. 16, 2020
Indian prime minister Modi's hacked Twitter account attempts BTC scam
The official Twitter account of Indian Prime Minister Narendra Modi got compromised earlier today, which was then used to share misleading information about the mainstream adoption of Bitcoin (BTC) and redistribution of 500 BTC among the Indian citizens. On Dec. 10, Modi said in a virtual event virtual summit hosted by US President Joe Biden that technologies such as cryptocurrencies should be used to empower democracy and not undermine it: “By working together, democracies can meet the aspirations of our citizens and celebrate the democratic spirit of humanity.” While the long-awaited Lok Sabha Winter Session, a parliamentary meetup intended to …
Adoption / Dec. 12, 2021
British Army’s social media accounts hacked by crypto scammers
The British Army’s official Twitter, Facebook and YouTube accounts were breached on Sunday for almost four hours, with scammers promoting rip-off nonfungible token (NFT) collections and cryptocurrency scams. Just after 2:00 pm EST on Sunday, the United Kingdom Ministry of Defence (MOD) Press Office tweeted it was aware the Army’s social media accounts were compromised and had begun an investigation. Nearly four hours later, close to 5:45 pm EST, the Office provided an update that the account breaches were resolved. The British Army's official Twitter account also apologized for the posts, saying it would conduct an investigation and “learn from …
Defi / July 4, 2022
‘Far too easy’ — Crypto researcher’s fake Ponzi raises $100K in hours
Crypto influencer FatManTerra claims to have gathered over $100,000 worth of Bitcoin (BTC) from crypto investors in an investment scheme that was later revealed as fake. The crypto researcher said he created the fake investment scheme as an experiment and to teach people a lesson about blindly following the investment advice of influencers. The account on Twitter has around 101,100 followers and is mostly known for being a former Terra proponent that now actively speaks out against the project and founder Do Kwon following its $40 billion collapse in May. In a Sept. 5 tweet, FatManTerra told his followers he …
Bitcoin / Sept. 6, 2022
Crypto ATMs emerging as popular method for crypto scam payments: FBI
The Federal Bureau of Investigation (FBI) Miami Field Office has warned that crypto ATMs are emerging as a popular method that scammers use to receive funds from defrauded victims. The information was revealed as part of an Oct. 3 public warning about “pig butchering scams” where scammers pose as long-lost friends or potential romantic partners to swipe money from victims. The scammers “fatten up” their victims by showing a supposedly genuine interest in them to win their trust, and then gradually introduce investment discussions into the relationship. In the public service announcement in cooperation with the Internet Crime Complaint Center …
Regulation / Oct. 5, 2022