Duo Security, an Austin based cybersecurity company has disclosed a huge and sophisticated botnet crypto fraud scam On Twitter. The company discovered a massive botnet composed of more than 15,000 accounts which were trying to scam users on the social networking service.
Duo security researchers used Twitter generated user IDs and gathered a dataset of 88 million public Twitter profiles represented in the Twitter API, such as screen name, tweet count, followers/following counts, avatar and description.
According to the paper,
Our cryptobot scam case study demonstrates that, after finding initial bots using the tools and techniques described in this paper, a thread can be followed that can result in the discovery and unraveling of an entire botnet. For this botnet, we use targeted social network analysis to reveal a unique three-tiered hierarchical structure.
Researchers also used Tweet stream and Twitter API. Twitter provides multiple different streams, which are API endpoints that allow users to connect and receive real-time tweet objects filtered and sampled using various parameters. While most of the streaming endpoints are reserved for paid enterprise access, two of the streaming endpoints, statuses/sample and statuses/filter, are available to all applications.
During the course of research, Duo security gathered 19 million accounts via the streaming API, averaging approximately 940,000 accounts per day. After gathering the dataset, company started the process of identifying bot accounts. To do this, they asked the question “what attributes would make an account look suspicious?”
After that, they took these characteristics and manually verified a small number of accounts to see if its decisions proved effective in finding bots.
After that company divided the attributes of an account into three categories:
Account Attributes: These are attributes in the user object, including the number of tweets, likes, following/follower count, screen name and more
Content: The text of the created tweets
Content Metadata: The metadata for created tweets, including time-based and location-based information.
The findings from Duo will be presented this Wednesday at the Black Hat security conference in Las Vegas, in a session called “Don’t @ Me: Hunting Twitter Bots at Scale.”
Follow us on Twitter, Facebook, Steemit, and join our Telegram channel for the latest blockchain and cryptocurrency news.