The Twitter Crypto Bot Epidemic

Online scams are a dark reality of the digital world and have prevailed through several popular social media platforms including, Twitter. With the advent of cryptocurrency, comes with it, a pandora’s box filled scam bots. Scam bots have been targeting the accounts of individuals in the cryptocurrency industry for over a year now, such as Litecoin’s Charlie Lee, Ethereum’s Vitalik Buterin and Binance exchange’s Changpeng Zhao. Thus clogging the entire twitter space. Recently, however, scam bots seemed to have infiltrated even further, affecting the other high profile industries through the relentless giveaway schemes.

Duo Research Report

A team of researchers from a security firm, Duo, has discovered a sophisticated network of scam bots operating on Twitter, revealing 15,000 such individual accounts. They stumbled upon this discovery while working on a broader research project, which was to create and publish the methodology behind identifying Twitter account automation.

How Did They Do It?

The team started off by creating a large set of 88 million public Twitter accounts. They used Twitter’s API and other data enrichment techniques for this purpose. However they directed their focus on the last 200 tweets per account for the purpose of the study. They then used classic machine learning methods in order to train a bot classifier. After that they used mapped and analyzed the structure of botnets using tested data science techniques.

According to the study,

Users are likely to trust a tweet more or less depending on how many times it’s been retweeted or liked. Those behind this particular botnet know this, and have designed it to exploit this very tendency.

The study also revealed the smart nature of the crypto bots, as they have the ability to modify their online behavior to avoid detection and deletion.

The bots’ attempts to thwart detection demonstrate the importance of analyzing an account holistically, including the metadata around the content.For example, bot accounts will typically tweet in short bursts, causing the average time between tweets to be very low. Documenting these patterns of behavior can also be used to identify other malicious and spam botnets.

The situation of identity theft and hollow promises for giveaways is so dire that Vitalik Buterin, the co-founder of Ethereum, had to change his Twitter handle in order to clear the air and nullify the existence of Ethereum giveaway schemes being sold under his name. His new Twitter handle is, Vitalik Non-giver of Ether.

Another case was when there was an abundance of Litecoin’s creator Charlie Lee, on Twitter. The scam bots were promoting fake LTC giveaways.

How Do the Scam Bots Function?

Scam bots pretty much function like other online cons, it is generic yet still deceitful enough to fool people. The scam bot assumes the same name and the profile picture of any popular figure in the crypto world.

Users are likely to trust a tweet more or less depending on how many times it’s been retweeted or liked. Those behind this particular botnet know this, and have designed it to exploit this very tendency.

The twitter handle however is different from the original, which gives away the authenticity often blowing the cover of the scam bot. But spotting the bots has become trickier as they use already verified accounts, which earns them the ‘blue check mark’, the hallmark of legitimate profiles or accounts. They, then post in the comments under real messages and updates, a tactic which is concocted to mislead unobservant users.

The Twitter Crypto Bot Epidemic

Typically, the scam consists of giveaway tokens. All the users have to do is send a small amount of crypto tokens to a given address, in return of a promise for receiving a larger amount in return. The tokens asked for a mostly Ethereum.

The study was shared with Twitter prior to being published to which Twitter responded with,

Twitter is aware of this form of manipulation and is proactively implementing a number of detection to prevent these types of accounts from engaging with others in a deceptive manner. Spam and certain forms of automation are against Twitter’s rules. In many cases, spammy content is hidden on Twitter on the basis of automated detections. When spammy content is hidden on Twitter from areas like search and conversations that may not affect its availability via the API. This means certain types of spam may be visible via Twitter’s API even if it is not visible on Twitter itself. Less than 5% of Twitter accounts are spam-related.

Despite Twitters counter measures, where by they ban all advertisements related to crypto, it seems to have lagged behind in this cat and mouse chase of scam bots.

Abeer Anwaar

Abeer holds a Bachelors degree in Media studies and covers blockchain startups for BlockPublisher. An optimist, excels in the art of the written word and swears by the joy of all things sweet. Contact the editor at editor.startups@blockpublisher.com

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.