A Blog by Jonathan Low

 

Oct 23, 2018

How Botnets Are Adapting In the Face of A Twitter Crackdown

In an attempt to limit the spread of fake news, noxious political stories and propaganda, Twitter has cracked down on the use of botnets which spread misinformation in bulk.

But the laws of co-evolution and machine learning being what they are, the bots (and their human designers) are learning to disguise themselves in order to evade the new rules. This appears to be but one stage in what is likely to become an endless battle for advantage. JL


Jon Porter reports in The Verge:

More sophisticated botnet tactics have become necessary after Twitter started cracking down. The company changed the rules of its platform to ban “identical or substantially similar” tweets posted from multiple accounts, or “bulk, aggressive, or very high-volume automated retweeting.” As a result a pro-Saudi botnet had to stagger activity to avoid spamming messages in a way that made their automation look obvious. The botnet also exploited well-known methods to spread its messages. Namely, latching onto popular hashtags and helping to push them to the top of Twitter’s trending topics.
Twitter botnets are having to adapt their behavior in the wake of the platform’s crackdown. NBC News reports that on Thursday the platform suspended hundreds of accounts acting in a network to tweet messages of support for Saudi Arabia in the wake of the disappearance of journalist Jamal Khashoggi. Experts quoted in the report said that the bots operated in a way that allowed them to “fly under the radar” to avoid Twitter’s bans.
Turkish investigators have claimed that Khashoggi was killed by Saudi agents associated with the Saudi prince Mohammad Bin Salman during a visit to the Saudi consulate in Istanbul. The Saudi government vehemently denies these allegations, and it’s this version of events that the botnet was amplifying. Twitter has now suspended the bots brought to light by NBC News, as well as other pro-Saudi government accounts, although it hasn’t officially said who’s behind them.
These more sophisticated botnet tactics have become necessary after Twitter started cracking down on the practice in February. The company changed the rules of its platform to ban “identical or substantially similar” tweets posted from multiple accounts, or “bulk, aggressive, or very high-volume automated retweeting.” As a result, this pro-Saudi botnet had to be more selective, staggering activity to avoid spamming messages in a way that made their automation look obvious.
The botnet, discovered by Josh Russell, also exploited some well-known methods to spread its messages. Namely, latching onto popular hashtags and helping to push them to the top of Twitter’s trending topics. The report identifies two trending Arabic hashtags which roughly translate to “#We_all_trust_Mohammad_Bin_Salman,” and “#unfollow_enemies_of_the_nation,” which the bots used to spread their pro-Saudi messages more widely.
The botnet’s accounts don’t appear to have been created this year. Many were produced in a short period in November 2017, but others date back to 2012 and even 2011. An IT professional quoted by NBC said it was “shocking” that the bots had been on the platform for that long.

0 comments:

Post a Comment