Analysts have uncovered a gigantic botnet that imitates existing legitimate accounts on Twitter to spread a cryptocurrency "giveaway" scam.
Tricky Cryptocurrency Giveaway
According to ITPro, the scam was discovered by Duo Security that took 88 million Twitter accounts from May to July into consideration utilizing machine learning to detect bots. The group ran into a single network consisting of over 15,000 bots that spread cryptocurrency giveaway.
On August 8, at the 2018 Black Hat cybersecurity event, Duo Security will present a document in which describes the bot’s working principle.
How Does It Work
Normally, they explain, bots make a spoofed (or copycat) account for a veritable cryptocurrency’s profile, duplicating the name and profile image. To spread the scam, bots react to tweets posted by the real account, attaching a link to attract social network’s users to the scam. In an effort to seem legitimate, botnet creates other fake accounts that put “likes” on scam tweets increasing its fake credibility.
We Aren’t There Yet
While Twitter has been making moves to brace down on such crypto scams, Duo concludes that the botnets are here to stay and can be found only by "straightforward analysis." The company doesn’t consider the issue solved so far.