Donate for the Cryptome archive of files from June 1996 to the present
Massive Twitter Botnet Update
12 March 2014
Date: Tue, 11 Mar 2014 17:58:10 -0700
Subject: Update on the botnet
-----BEGIN PGP SIGNED MESSAGE-----
I am now in a position to say that this is a retweet scam.
Who also tweeted the following:
#GetInShape with my online #training
Snowden Haarp.... (which connects it to the same botnet)
So officially, they're only spammers, not spooks.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (MingW32)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
-----END PGP SIGNATURE-----
10 March 2014
Massive Twitter Botnet
The NSA and GCHQ know where to find me already. I can't presently prove who's behind this, but strongly susp
particularly the latter.
The appendix contains some 35,000 fake twitter handles, belonging to the same botnet. And what they've tweete
Should Twitter's press office actually respond, I'll send that on too.
Massive twitter botnet
Some days ago, I noticed a few rather peculiar repeating tweets about Edward Snowden, and decided to investig
“I dont know much about Haarp but Edward Snowden is the one thats revealing it to the world and to the newsp
“Oh, its the weekly kill Edward Snowden shout out from and !”
What on earth? Surly such unusual phraseology wouldn't be repeated over and over by different users. Well, it tu
gems are only one small part of a massive botnet, that tweets everything from utter nonsense, to psuedo-ebonics
Ok my sonmofe: Yhlol : Its all black : Wasup with it? : mofe dis ur new avi”), to things a reasonable human mig
already-viral tweet (a line from DrHorrible's Sing-along Blog), and will even steal a tweet from an unsuspecting
over creation. There was even one tweet that seems to acknowledge the truth. “Holy spammed users, Botman!” T
to do, is advertise anything at all, nor have any discernible revenue model.
After a bit of study, I was able to trace the creation of the botnet back to March first, and I decided to get some id
botnet, I pulled 33 such spam tweets into a spreadsheet, and counted unique handles. The number I got was in ex
from only that small sample. There are literally thousands of spam tweets from this botnet. The botnet could easi
thousands, or millions of unique handles.
When you look at the individual accounts associated with the botnet, they appear to be from a human user. Until
therein, and found that they've been spammed 700 times in under a week.
There seem to different spam schedules. The slow one seems to be about 1 every 15 minutes or longer (even hou
faster version repeats up to several times a minute. Today, I noticed that the faster version appears to have stopp
I have contacted both Twitter support, and Twitter's press office, to date, neither has responded.
I include as an appendix, the text files I created by copying and pasting searches (these I processed, to allow them
spreadsheet), The spreadsheet, and a simple database, that I used to calculate just how many unique handles wer
the database because the spreadsheet formula for calculating unique items becomes horribly slow when dealing w
thousands. I also will include my unrequited email to the Press office.
Such botnets have no legitimate purpose, they serve only to poison search results, to manipulate or deceive, or d
at it it's a scam. I strongly encourage further research to fully expose who is behind this, and also call upon Twit