RSS feed Get our RSS feed

News by Topic

BizReport : Internet : January 26, 2017

Massive Twitter botnet uncovered

Two cybersecurity experts have stumbled across a Twitter botnet consisting of more than hundreds of thousands of automated accounts. Created within just a few days in 2013, the massive botnet has been silent for four years.

by Helen Leggatt

A massive collection of fake accounts in Twitter has been uncovered by cybersecurity experts Juan Echeverria and Shi Zhou of University College London. While analyzing Twitter to see how people use the micro-blogging platform, the botnet comprising approximately 350,000 accounts was revealed.

According to the paper resulting from the research, "A Twitter bot is a Twitter user account whose functions are automatized and therefore require little or no human input. A botnet is a group of bots that are created and centrally controlled by a master, called 'botmaster'. Some bots have benign purposes, for example to generate an automated tweet whenever a new article is published in a news website".

The geographical distribution of the Tweets analysed was a clue that they were dealing with a botnet. Tweets are most commonly linked with densely populated areas such as cities, but the botnet they discovered contained many Tweets that were geo-located in uninhabited regions close to the U.S. and Europe such as in oceans and deserts.

Furthermore, messages posted by the botnet were only from Windows phones and all were quotes from Star Wars novels, hence it has been named the Star Wars botnet.

Stranger still, the individual accounts had never tweeted more than 11 times, had fewer than 31 friends and the entire botnet was created in just a few days in June and July 2013 during which time it produced 150,000 Tweets a day.

However, on 14 July 2013 the botnet fell silent. "When the creation of new Star Wars bots stopped on 14 July 2013, all the bots suddenly fell silent and remained so ever since," said Echeverria and Zhou.

"It seems the Star Wars bots were deliberately designed to circumvent many of the heuristics underlying previous bot detection methods," added Echeverria and Zhou. While the accounts have been silent for four years, they could all begin Tweeting once more at a moment's notice.

If you thought a botnet of 350,000 accounts was big then think again. It seems Echeverria and Zhou have made an even bigger discovery. "We have recently discovered another botnet with more than 500k bots, which will be reported shortly," they said.

Tags: bot fraud, botnet, social media, Twitter

Subscribe to BizReport



Copyright © 1999- BizReport. All rights reserved.
Republication or redistribution of BizReport content is expressly prohibited without the prior written consent.
BizReport shall not be liable for any errors in the content, or for any actions taken in reliance thereon.