Cryptocurrency scammers are getting more creative in convincing potential victims to part with their money. Recently, the security community was shocked when a team of researchers discovered the existence of a sophisticated botnet on Twitter which was used as a comprehensive tool for spreading a cryptocurrency scam.
The botnet was discovered by a team of researchers from security firm Duo Security. The team was doing research on how to identify Twitter account automation and was reviewing the tweets of around 88 million accounts in an effort to study how bots operate.
The researchers used machine learning and other data science techniques to analyze close to half a billion tweets to uncover the structure of botnets. As a result, they discovered the botnet, comprised of more than 15,000 bots.
What is a Twitter bot?
Most people might not exactly know what a Twitter bot is, but virtually anyone who maintains an account with the popular social media platform has likely interacted with one. Simply put, a Twitter bot is just software designed to do a specific task. This automated software is a tool for easier management of social media accounts and is especially useful for large organizations.
Malicious use of such bots has been highlighted by recent media reports. For instance, Russian Twitter bots were used in trying to influence US election results. Bots are also sometimes used to spread false information, rig online surveys, and even inflate social media metrics.
Not All Bots are Dangerous
Conversely, there are a host of legitimate uses for automating Twitter accounts; companies often use them to manage their social media accounts. Some legitimate bots automate the handling of customer responses, while others are used to schedule the release of online content. Benign Twitter bots can do everything from answering frequently asked questions to providing flight information.
The Cryptocurrency Scam Botnet
The botnet involved in the cryptocurrency scam discovered by the Duo Security researchers is significant in scale. According to the firm’s report, the botnet is composed of more than 15,000 fake accounts managed by bots.
To maintain a veneer of credibility, the scam created spoofed versions of legitimate cryptocurrency-affiliated Twitter accounts. These spoofed or fake accounts would mimic the originals by copying the profile pictures and imitating the names of the legitimate accounts.
These fake crypto-related accounts would then post a reply to a tweet sent out by the legitimate Twitter accounts. The reply would contain a link to a cryptocurrency giveaway, and victims were fooled into clicking the link, thinking that it had been shared by the legitimate Twitter account.
The scam botnet was able to avoid automated detection for so long by employing increasingly sophisticated techniques. For instance, the bots would use Unicode characters in tweets instead of traditional ASCII characters, add spaces between words and punctuation marks to introduce some variance to the tweets, and edit their profile pictures to modify them slightly from the original account’s pictures.
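The name spoofing and text-variation tricks described above can be countered by comparing a normalized "skeleton" of each string rather than the raw text. The following is an added example, not code from the Duo Security research; the look-alike table is a small constructed subset, and the account names, domain and sample replies are hypothetical.

```python
import re
import unicodedata

# Constructed, partial look-alike table (Cyrillic/Greek -> Latin), lowercase only
# because skeleton() casefolds first. Real systems use the full Unicode confusables data.
CONFUSABLES = str.maketrans({
    "\u0430": "a", "\u0435": "e", "\u043e": "o", "\u0440": "p", "\u0441": "c",
    "\u0445": "x", "\u0443": "y", "\u0456": "i", "\u0455": "s",
    "\u03bf": "o", "\u03bd": "v",
})

def skeleton(text):
    """Reduce text to a canonical form used only for comparison, never for display."""
    # NFKD folds compatibility forms (fullwidth, styled letters) and splits off accents.
    text = unicodedata.normalize("NFKD", text)
    # Drop combining marks (Mn) and invisible format characters such as U+200B (Cf).
    text = "".join(c for c in text if unicodedata.category(c) not in ("Mn", "Cf"))
    text = text.casefold().translate(CONFUSABLES)
    # Undo padding inserted before punctuation, then collapse whitespace runs.
    text = re.sub(r"\s+([.,!?:;])", r"\1", text)
    return re.sub(r"\s+", " ", text).strip()

def impersonates(display_name, handle, legit):
    """Return the legitimate handle whose display name this account imitates, else None."""
    for real_handle, real_name in legit.items():
        same_account = handle.casefold() == real_handle.casefold()
        if not same_account and skeleton(display_name) == skeleton(real_name):
            return real_handle
    return None

def cluster_replies(replies):
    """Group (handle, text) pairs whose skeletons match; keep groups of two or more."""
    groups = {}
    for handle, text in replies:
        groups.setdefault(skeleton(text), []).append(handle)
    return {k: v for k, v in groups.items() if len(v) > 1}

# Constructed sample data; the account names and domain are hypothetical.
LEGIT = {"examplecoin": "Example Coin"}
REPLIES = [
    ("examp1ecoin", "Giving away 500 ETH ! Visit giveaway.example"),
    ("exampleco1n", "Giving \u0430way 500 \u0415TH! Visit  giveaway.example"),
    ("bystander", "Congrats on the launch!"),
]

if __name__ == "__main__":
    print(impersonates("\u0415\u0445ample C\u043e\u200bin", "examp1ecoin", LEGIT))
    print(cluster_replies(REPLIES))
```

Skeleton matching only catches text-level variation; the slightly edited profile pictures mentioned above need a separate image-similarity check.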
Fake Twitter Accounts Involved in Crypto Scams on The Rise
Fake Twitter accounts promoting various types of crypto scams have been plaguing the platform for months now. Scammers have been impersonating famous personalities such as Elon Musk, Warren Buffett, and even Ethereum co-founder Vitalik Buterin, using their names to ask for a small amount of crypto while promising substantial future returns.
Even Britain’s Financial Conduct Authority (FCA) recently issued a warning that crypto scammers using social media platforms such as Twitter are on the rise. According to the FCA, these scammers are now trying to entice victims by using fake celebrity endorsements to sweeten the deal. Clicking on the links contained in these endorsements will redirect potential victims to a professional-looking site offering various crypto-related products.
Faced with increasingly sophisticated cybercriminals, it pays to be vigilant, especially when making online transactions. Always check if the Twitter account used has been verified and check for how long it has been in use. Avoid links when possible; navigate to the company web page yourself. In addition, always be wary if the promotion seems unrealistic. If the deal sounds too good to be true, then it probably is.