Duo Security researchers uncover advanced botnet on Twitter

Photo: Pexels
Photo: Pexels

ANN ARBOR – It's as baffling as it sounds: a botnet.

A team of researchers at Duo Security discovered a sophisticated botnet while carrying out a research project on Twitter to understand how bots operate on the popular social network.

They unearthed a massive system of bots and the ways in which they are being used to disperse a cryptocurrency scam.

During the research, the team built an extensive data set consisting of 88 million public Twitter accounts using the social network's API and data enrichment techniques.

This comprised more than a half billion tweets, and the team said, for each account, they examined the last 200 tweets.

Using standard machine learning methods, they trained a bot classifier to analyze and map the framework of the botnets they unearthed, applying data science techniques.

In total, they say they uncovered at least 15,000 bots engaged in a cryptocurrenty scam trying to lure users with malicious "giveaway" links, though they say the actual number is likely much higher.

The bots, some of which the researchers found appeared in the 'Who to follow' section, tend to boost each other's spammy tweets with retweets and likes, inflating the scam even further.

The discovery shines a light on how bots manipulate forms of automation on Twitter.

Twitter has maintained it wasn't aware of this form of manipulation and is working on setting up certain detections to prevent these bot accounts from deceiving other users.

The researchers are open sourcing their findings in the hopes that other follow-up studies will be conducted on the issue.

About the Author: