Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Botnet Twitter Businesses Communications Network Networking Privacy Security Social Networks Software Spam The Internet News Technology

3 Million Strong Botnet Grows Right Under Twitter's Nose (softpedia.com) 48

An anonymous reader writes: Somebody created a botnet of three million Twitter accounts in one single day, and Twitter staff didn't even flinch -- even if the huge 35.4 registrations/second should have caught the eye of any IT staffer. Another weird particularity is that the botnet was also synchronized to use Twitter usernames similar to Twitter IDs. Couple this with a gap of 168 million IDs before and after the botnet's creation, it appears that someone specifically reserved those IDs. The IDs were reserved in October 2013, but the botnet was registered in April 2014 (except 2 accounts registered in March 2014). It's like Twitter's registration process skipped 168 million IDs, and someone came back a few months later and used them. [Softpedia reports:] "The botnet can be found at @sfa_200xxxxxxx, where xxxxxxx is a number that increments from 0 000 000 to 2 999 999. All accounts have a similar structure. They have "name" instead of the Twitter profile handle, display the same registration date, and feature the text "some kinda description" in the profile bio field. Additionally, there are also two smaller botnets available as well. One can be found between @cas_2050000000 and @cas_2050099999. Sadbottrue says it was registered between March 3 and March 5, 2015. The second is between @wt_2050100000 and @wt_2050199999, and was registered between October 23 and November 22, 2014." Both have 100,000 accounts each. Theoretically, these types of botnets can be used for malware C and C servers, Twitter spam, or to sell fake Twitter followers. At 3 million bots, the botnet accounts for 1% of Twitter's monthly active users.
This discussion has been archived. No new comments can be posted.

3 Million Strong Botnet Grows Right Under Twitter's Nose

Comments Filter:
  • So... (Score:5, Funny)

    by msauve ( 701917 ) on Tuesday June 21, 2016 @07:53PM (#52363585)
    Does this mean that twitter is finally figuring out how to make a profit?
    • I see what you did there... smart :))
    • Does this mean that twitter is finally figuring out how to make a profit?

      Or that Twitter has become self-aware?

  • even if the huge 35.4 registrations/second should have caught the eye of any IT staffer...

    Staffers were probably thinking, "Oh good, a big juicy user-signup bonus check!", not unlike the no-doc loan grab that crashed the world economy.

  • by Anonymous Coward

    Who cares!?

  • Are you a twit?
  • by Anonymous Coward
    Donald Trump is currently trying to explain/blame away the fact that $35k USD of his campaign funds have been paid to a pair of sketchy spammers. I wonder how many of these freshly minted twitter accounts are going to start blasting out pro-Trump whargarbl in the days to come?
  • I am proud to say I use 0% of Twitter.

    Whatever.
  • by bigsexyjoe ( 581721 ) on Tuesday June 21, 2016 @10:21PM (#52364225)

    If Twitter doesn't nuke these accounts pretty quickly, we can be pretty sure they are test accounts. I mean 3 million botnets could easily destroy twitter.

    I think very telling is this part: "It's like Twitter's registration process skipped 168 million IDs, and someone came back a few months later and used them." Yes. Twitter reserved them and used them. They are the only ones who can line up user names with ids like that.

    • by Fusen ( 841730 )

      If the IDs weren't used by normal accounts and then later were used, Twitter surely has to have some involvement.

  • Twitter claims something like 5% of all accounts are fake/bots

    Analysts mostly think that about 15% of all accounts are fake/bots

    When was the last time you ever heard anyone say out loud "oh yeah I tweeted that"?

    I think closer to 35% of all accounts are simply (mostly) harmless retweet accounts, 5% malicious accounts, 40% inactive accounts (in the last 30 days) and 20% actually login every couple of days, let alone daily or more than once a day.

    How Twitter manages to convince advertis

    • by Anonymous Coward

      Query large accounts and you find out, that 60% - 70% of their followers are either inactive or bot's.
      This is one of the reason why twitter has no native tools to find and remove bots and inactive accounts. They need to look good for advertisers.

  • That ID gap is aligned with the 32-bit integer limit, which was manually breached as part of the 1st Tweetpocalypse (http://bit.ly/28MVIF3). It would seem likely to be internally created accounts that re-used that ID space later on.

No spitting on the Bus! Thank you, The Mgt.

Working...