This Twitter Cryptocurrency Scam Botnet is a Threat to Everyone
A huge cryptocurrency scam botnet was identified on Twitter. Users should be cautious.
A group of researchers has discovered a botnet that copycats the Twitter accounts and shares scam cryptocurrency giveaways. According to ITPro, the research was done by Duo Security, which during the May-July period tracked 88 million Twitter accounts using specific technologies to search and analyze malicious bots within the social media portal.
“Comprised of at least 15,000 bots in a three-tiered hierarchical structure, a team of Duo Security researchers observed how the crypto-scam botnet worked to spread a fake ‘cryptocurrency giveaway’, and evolved over time to remain undetected,” wrote ITPo.
How it works
The researchers created a presentation on the mechanism behind the botnet that was shown yesterday at the 2018 Black Hat cybersecurity event. According to the Duo team, the first step is to create a copycat profile for a crypto-related account. The original name and picture are taken intact and added to the fake account.
Further on, bots are posting fake cryptocurrency giveaways, and to seem more plausible, they add comments from real accounts, including a scam link that would attract more victims.
This is not all- yet. The huge botnet also uses “amplification bots“, which are other fake profiles meant to give “likes” to false accounts’ tweets in order to “artificially inflate the tweet’s popularity [and] make the cryptocurrency scam appear legitimate.”
“[Searching for connected bots] resulted in a 3 tiered botnet structure consisting of the scam publishing bots, the hub accounts (if any) the bots were following, and the amplification bots that like each created tweet. The mapping shows that the amplification bots like tweets from both clusters, binding them together.”
The team identified a way that “can result in the unraveling of the entire botnet“. The researchers also added in their report that the crypto scam botnets are still live and can only be detected by “straightforward analysis.”
“We don’t consider the problem solved,” the team claimed.
Following this research, Duo Security intends to release a mechanism that will discover scam bots and aid “keep Twitter and other social networks a place for healthy online discussion and community.”
You may be interested
Why Strong Web Security Is So Important for CryptocurrenciesAdriana Midrigan - August 20, 2018
One of the reasons why so many people have turned to cryptocurrencies lately is for the greater feeling of security…
Shanghai Stock Exchange to Integrate Blockchain TechnologyAdriana Midrigan - August 20, 2018
The Shanghai Stock Exchange (SSE) is working with the Insurance Asset Management Association (IAMAC) to streamline the insurance and pension…
Bitcoin Millionaire Lost His BTC to Forged Bank NotesAnca Faget - August 20, 2018
A South Korean businessman was duped into swapping his bitcoin holdings for fake banknotes, losing millions worth of BTC for…