Posted by Bev Robb on February 3, 2015.
Though Twitter goes to great lengths to thwart fake bot accounts, spam bots are pervasive throughout the Twitter ecosystem. Whether it is 6,000+ real and verified Twitter followers (yeah, right!) for $5.00 over at Fiverr or a flat 6-month $49.99 subscription at Twitter Supremacy, bots come in all flavors. You can buy a set amount of fake followers, become an affiliate, subscribe to an anonymous automation service, or purchase some clever little bot tutorials down at the Evo marketplace (in the Darknet).
Last summer Twitter refuted the claim that mischievous bots lurked behind 23 million accounts. According to Twitter’s SEC (Securities and Exchange Commission) filing, these fake bots (spam accounts) make up less than 5% of Twitter’s monthly active users.
Regardless of the percentage of fake bots claimed by Twitter, there is still a copious scourge of nettlesome low-end bots that slide under the radar.
"Buy Twitter Followers from us and get the quality followers" is one search term that reveals a cacophony of fake accounts. With names such as Agyeman Dobbison (@noferetaqij), Ricki Douglas (@virekotewene), Alfrieda Lysons (@LysonsAlfrieda), Hanno Sullivan (@bafatocewyq), Ieremiya Ramirez (@juvufycupuw), Eilif Waller (@sukajysugis), and Grzegorz Errol (@pihahamelyn), these accounts are easy to spot.
These bots each display the same header photo; run the same scripts; post the same graphics; and send links to myriad cloned verasocial.info subdomains.
Verasocial.info Domain Whois:
Owner: Daffa Ahmad
Owner Address: Jl Mangga 1
Owner City: Palembang
Owner Postcode: 32425
Phone Number: +62.82377654758
Phone Type: mobile: Surabaya Komselindo STKB-C (AMPS)
Owner Country: Indonesia
Website Location: United States
Email is associated with ~50 domains
Registrant Org DaffaCORP is associated with ~49 other domains
Dates Created on 2014-12-16 – Expires on 2015-12-16 – Updated on 2014-12-17
Current IP: 126.96.36.199
This domain is only 49 days old, but the endless slew of subdomains they utilize to get past Twitter spam filters is astounding!
Since early 2009, I’ve had a hash with low-end Twitter bots. They are annoying. They offer zero value, tweet spam links, echo scripted-snippets (just to keep their profiles active), and blatantly break Twitter terms of service and rules.
Selling or purchasing account interactions (such as selling or purchasing followers, Retweets, favorites, etc.); Using or promoting third-party services or apps that claim to get you more followers (such as follower trains, sites promising “more followers fast” or any other site that offers to automatically add followers to your account); If you post duplicate content over multiple accounts or multiple duplicate updates on one account; If you send large numbers of duplicate @replies or mentions; If you repeatedly create false or misleading content; If you post misleading links (e.g. affiliate links, links to malware/click jacking pages, etc.) —Twitter Terms of Service
The verasocial.info campaign is just one tiny drop in the Twitterverse bucket, but it will give you a rough idea of how they operate.
The originating granddaddy domain may have been 100kfollowers.net (this domain is currently blacklisted on Twitter). When the bots indicate the granddaddy domain in their tweets it looks like this: www, 100kfollowers ,net (note the commas), and the domain is also promoted in cloned cover photos, as well as shared photos.
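The two patterns described above, several accounts pushing many subdomains of one domain and a blacklisted domain written with commas, can be checked mechanically over collected tweets. The following Python is an added example, not code from the original post; the account handles, subdomain labels and tweet text are constructed, and the base domain is taken naively as the last two labels.

```python
import re
from collections import defaultdict

# Label separator: a plain dot, or a comma with optional spaces around it,
# as in the "www, 100kfollowers ,net" form quoted in the post.
SEP = r"(?:\.|\s*,\s*)"
HOST_RE = re.compile(rf"\b(?:[a-z0-9-]+{SEP})+(?:info|net|com|org)\b", re.I)

def extract_hosts(text):
    """Return (hostname, was_obfuscated) for each hostname found in a tweet."""
    found = []
    for match in HOST_RE.finditer(text):
        raw = match.group(0).lower()
        host = re.sub(r"\s*,\s*", ".", raw)  # undo the comma obfuscation
        found.append((host, host != raw))
    return found

def base_domain(host):
    # Assumption: last two labels. Production code should use the Public Suffix List.
    return ".".join(host.split(".")[-2:])

def find_campaigns(tweets, min_accounts=3):
    """Flag base domains pushed by several accounts via many subdomains or commas."""
    stats = defaultdict(lambda: {"accounts": set(), "hosts": set(), "obfuscated": False})
    for account, text in tweets:
        for host, obfuscated in extract_hosts(text):
            entry = stats[base_domain(host)]
            entry["accounts"].add(account)
            entry["hosts"].add(host)
            entry["obfuscated"] = entry["obfuscated"] or obfuscated
    flagged = {}
    for base, entry in stats.items():
        rotating = len(entry["hosts"]) >= min_accounts
        if len(entry["accounts"]) >= min_accounts and (rotating or entry["obfuscated"]):
            flagged[base] = {"accounts": sorted(entry["accounts"]),
                             "hosts": sorted(entry["hosts"]),
                             "obfuscated": entry["obfuscated"]}
    return flagged

# Constructed sample data: handles, subdomain labels and tweet text are made up.
SAMPLE_TWEETS = [
    ("@bot_a", "Buy Twitter Followers from us http://sub1.verasocial.info/"),
    ("@bot_b", "Buy Twitter Followers from us http://sub2.verasocial.info/"),
    ("@bot_c", "Buy Twitter Followers from us http://sub3.verasocial.info/"),
    ("@bot_a", "get followers at www, 100kfollowers ,net"),
    ("@bot_b", "get followers at www, 100kfollowers ,net"),
    ("@bot_c", "get followers at www, 100kfollowers ,net"),
    ("@reader", "Good write-up on spam bots: https://blog.example.com/post"),
]
```

The comma form is treated as a signal in its own right because an ordinary link never needs it; a single account linking to one host, like the last sample tweet, is not flagged.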
Each Twitter botmaster uses a control panel, like Twitter Supremacy, to conduct their business. They offer two methods of gathering Twitter followers:
Inactive followers are followers that do not interact with the user account; they are used mainly to increase the Twitter follower count. Active followers are followers that actually require full access to your Twitter account via their control panel. They claim to offer 100% real followers and allege that they manually invite each follower that they want to follow you back.
The pricing structure for inactive followers is:
The pricing structure for active followers is:
The current bot campaign is running approximately 38 bots that tweet once per minute. Each bot sends 60 tweets per hour and 1440 tweets per day. With all 38 bots running, they will tweet 54,720 tweets per day. This botmaster is not the brightest crayon in the box — he may have forgotten to lay his bots down for a nap, or his control panel needs an alignment — his bots have currently been down for 4 hours. That could mean that this campaign is finished and that they are beginning a new campaign with a different domain and a new set of bots and scripts. Or Twitter busted them. Only time will tell.
I do not have a hash with automated tweet bots such as:
Tweets for community benefit [Earthquakes; weather; transit]
Tweets for a niche group of users [Infosec; WordPress]
Parody account tweets
With high-end bots quickly becoming more human-like in the Twittersphere, where they often interact with both you and me, it can become disconcerting to converse with a bot and not even be aware of it. Don’t you think that Twitter should implement some type of special profile indicator that acknowledges that they are bots?
Many of these high-end bots have actual bed times, Klout scores, and direct messaging (DM) skills. The old tell-all-I-am-a-bot stock photo and default egghead graphic has been replaced with authentic-looking photos. Higher-end bots also include affable and polished bio descriptions, customized header images, and they generally play nice in the Twittersphere.
I still have a Twitter @TinkerpuffHead (TPH) account that I created for the specific purpose of playing with fake followers. The last batch of 4000 fake followers was purchased at Fiverr back in late 2012. For a very short time TinkerPuffHead had 4,182 followers. Today she only has two followers:
Next month — TPH and I are planning a rendezvous that will include another batch of fake followers.
Mark your calendar!