• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
Massive twitter botnet update

Massive twitter botnet update






Total Views
Views on SlideShare
Embed Views



0 Embeds 0

No embeds



Upload Details

Uploaded via as Microsoft Word

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
Post Comment
Edit your comment

    Massive twitter botnet update Massive twitter botnet update Document Transcript

    • Donate for the Cryptome archive of files from June 1996 to the present Massive Twitter Botnet Update 12 March 2014 Date: Tue, 11 Mar 2014 17:58:10 -0700 From: PaulD<dietricp@efn.org> To: cryptome@earthlink.net Subject: Update on the botnet -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I am now in a position to say that this is a retweet scam. See: https://twitter.com/MarissaTanyat Who also tweeted the following: #GetInShape with my online #training https://twitter.com/Obi_Obadike/status/443220721888546816 Snowden Haarp.... (which connects it to the same botnet) https://twitter.com/MarissaTanyat/status/443534242820001792 So officially, they're only spammers, not spooks. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (MingW32) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQEcBAEBAgAGBQJTH7EiAAoJEKTPgq1hLquDrGwH/1xy20Ry20agOUnQ3d7WKHHL I4w7jxgKxI5ifPEik8N2Ll0Sppk+KEt4loVg9nKYxFi9WOnWqlFQt0oR0VOi4pXe A21386yLzKvBgtmJtbpfnl2JRyKPi8nu30d7FAUy95aWIjb6LxY8TfRuKNEwbx33 HKldVp1YD0kzUyJRPVSAXAiTXMNeDvral1hVXCGbRxhADvlB6ZXb5v9MAZiwZNu0
    • konCx2xAPvgAKtGOQFuTXPUbeOedNzMh+FEC4aXZ+D5qyYPKZGifCMdLSYBst3HJ 4ey4ixmONH1y/JIX7ptwyNSvscpvynQSdWkhbkz34KlKbsnxn+mAVmpEjYMkvVk= =dCbz -----END PGP SIGNATURE----- 10 March 2014 Massive Twitter Botnet @paulmd199 sends: The NSA and GCHQ know where to find me already. I can't presently prove who's behind this, but strongly susp particularly the latter. The appendix contains some 35,000 fake twitter handles, belonging to the same botnet. And what they've tweete Should Twitter's press office actually respond, I'll send that on too. __________ Massive twitter botnet Some days ago, I noticed a few rather peculiar repeating tweets about Edward Snowden, and decided to investig “I dont know much about Haarp but Edward Snowden is the one thats revealing it to the world and to the newsp “Oh, its the weekly kill Edward Snowden shout out from and !” What on earth? Surly such unusual phraseology wouldn't be repeated over and over by different users. Well, it tu gems are only one small part of a massive botnet, that tweets everything from utter nonsense, to psuedo-ebonics Ok my sonmofe: Yhlol : Its all black : Wasup with it? : mofe dis ur new avi”), to things a reasonable human mig already-viral tweet (a line from DrHorrible's Sing-along Blog), and will even steal a tweet from an unsuspecting over creation. There was even one tweet that seems to acknowledge the truth. “Holy spammed users, Botman!” T to do, is advertise anything at all, nor have any discernible revenue model. After a bit of study, I was able to trace the creation of the botnet back to March first, and I decided to get some id botnet, I pulled 33 such spam tweets into a spreadsheet, and counted unique handles. The number I got was in ex from only that small sample. There are literally thousands of spam tweets from this botnet. The botnet could easi thousands, or millions of unique handles. When you look at the individual accounts associated with the botnet, they appear to be from a human user. Until therein, and found that they've been spammed 700 times in under a week. There seem to different spam schedules. The slow one seems to be about 1 every 15 minutes or longer (even hou
    • faster version repeats up to several times a minute. Today, I noticed that the faster version appears to have stopp continues. I have contacted both Twitter support, and Twitter's press office, to date, neither has responded. I include as an appendix, the text files I created by copying and pasting searches (these I processed, to allow them spreadsheet), The spreadsheet, and a simple database, that I used to calculate just how many unique handles wer the database because the spreadsheet formula for calculating unique items becomes horribly slow when dealing w thousands. I also will include my unrequited email to the Press office. Such botnets have no legitimate purpose, they serve only to poison search results, to manipulate or deceive, or d at it it's a scam. I strongly encourage further research to fully expose who is behind this, and also call upon Twit http://cryptome.org/2014/03/TwitSpamNetwork.zip (4.3MB) http://cryptome.org/2014/03/massive-twitter-botnet.htm