Millions of Twitter Accounts Exposed as Fraudulent

The cyber security monitors at sadbottrue.com have recently discovered almost 3 million Twitter accounts deemed to be fraudulent. Every one of the accounts was created on April 17, 2014 and carries a serialized name falling in the range of @sfa_2000000000 to @sfa_2002999999. It is believed that all the accounts were created by a botnet.
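The two indicators reported above, serialized handles and a single shared creation date, are enough to cluster such a batch from account metadata alone. The following is an added example, not sadbottrue.com's method or code; the function name, the thresholds and the sample records are assumptions constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import date

# A handle made of a letters/underscore prefix followed by a long numeric serial.
SERIAL_HANDLE = re.compile(r"^@?(?P<prefix>[A-Za-z_]+)(?P<serial>\d{6,})$")

def find_serial_batches(accounts, min_size=5, min_density=0.5):
    """Group (handle, creation_date) records by creation date, handle prefix
    and serial width; return groups whose serials are densely packed."""
    groups = defaultdict(set)
    for handle, created in accounts:
        m = SERIAL_HANDLE.match(handle)
        if m:
            key = (created, m["prefix"].lower(), len(m["serial"]))
            groups[key].add(int(m["serial"]))
    batches = []
    for (created, prefix, _width), serials in groups.items():
        if len(serials) < min_size:
            continue  # too few accounts to call it a batch
        first, last = min(serials), max(serials)
        # Share of the numeric range actually occupied by observed accounts.
        # Organic handles with digits are scattered; a scripted batch is not.
        density = len(serials) / (last - first + 1)
        if density >= min_density:
            batches.append({"created": created, "prefix": prefix,
                            "count": len(serials), "first": first,
                            "last": last, "density": density})
    return sorted(batches, key=lambda b: -b["count"])

# Constructed sample: a slice of a serialized batch mixed with unrelated handles.
SAMPLE = (
    [(f"@sfa_{2000000000 + i}", date(2014, 4, 17)) for i in (0, 1, 2, 3, 5, 6, 8, 9)]
    + [("@alice_sec", date(2014, 4, 17)), ("@bob1984", date(2012, 1, 3)),
       ("@user_10000017", date(2014, 4, 17)), ("@user_98765432", date(2014, 4, 17)),
       ("@user_55500001", date(2013, 7, 9))]
)

if __name__ == "__main__":
    for b in find_serial_batches(SAMPLE):
        print(f"{b['created']} {b['prefix']}* x{b['count']} "
              f"[{b['first']}..{b['last']}] density={b['density']:.2f}")
```

The density threshold needs tuning to how much of the population is sampled: a sparse crawl of a large batch will show lower density than the full set.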

The content of these accounts is unknown since the accounts are protected and available only to confirmed followers. The description of each account simply reads “some kida description.” What is clear, however, is that the accounts have been very active. To date, the 3 million accounts have sent 2.6 billion tweets. That figure is equivalent to the cumulative total of all tweets sent over a five-day period.

Each account is an identical copy of the rest, but the way that they are being used varies widely. For instance, one account has sent out close to a half million tweets. Another is following more than a million accounts. The content of the accounts may be unknown, but experts do not believe they are being used to distribute spam or advertising messages.

More likely is that the accounts are being used to drive trends on Twitter, as a number of hashtags being used appear in the social network’s top trending categories. This is a backhanded way of driving traffic to reputable accounts.

The 3 million accounts exposed could represent just a drop in the bucket. The account IDs used were all reserved in advance on October 22, 2013. On that same day a total of 168 million account IDs were reserved, though the vast majority have not yet been used to create accounts.

The issue of bots on Twitter is a pervasive one. By some estimates, there are more than 18,000,000 fraudulent accounts among active users, and the vast majority have more friends than they do followers. In essence, these accounts were created just for following other accounts. More than 1 billion fake accounts are “sold” yearly, and it costs about $400 to purchase a million followers.

The discovery of these bots raises questions about both Twitter’s organic traffic and its security measures. Many are wondering how such a large volume of transparently fake accounts could have gone unnoticed by administrators for more than 2 years. One representative from sadbottrue.com suggested that a scheme of this magnitude could only have been perpetrated from the inside, likely by someone with executive credentials.

Twitter has not yet released an official statement on the botnet.