ETHERLive delivers real-time price and volume data across 16+ exchanges to users in a clear and easy-to-understand package. Users can get up-to-the-second updates for each exchange/currency pair, as well as aggregated market averages for each exchange, currency, and the market as a whole. It also provides a global converted average of all the currency pairs monitored by ETHNews, converted to USD.


24hr ---

The Basics

Learn the basics of Ethereum and various cryptocurrency technologies

Learn More

What is Ethereum?

Understand the underlying principles of the Ethereum Platform

Learn More

The Blockchain

Discover the revolutionizing technology known as the blockchain

Learn More

Press Release

Submit a press release for consideration on ETHNews

Submit Press

Story / Dapp

Submit a story or DAPP to be considered for publication on ETHNews.

Submit Story


Submit "Ethereum Explainer" content for consideration to be featured on ETHNews

Submit Topic
ETHNews Logo
Ether Price Analysis
Contact Us

Researchers Uncover Scam Botnet On Twitter




An elaborate system of malware was found to be behind cryptocurrency giveaway scams.

Researchers from tech security company Duo have discovered a network of malicious bots on Twitter, according to an August 6 blog post.

The authors, Jordan Wright and Olabode Anise, disclosed that they were not necessarily looking for automated accounts that were perpetuating scams or behaving maliciously, but were simply looking for accounts that were automated, or not controlled by an actual user.

According to a technical paper outlining Duo's research, the team stumbled upon a large botnet containing approximately 15,000 bots that used a "unique three-tiered hierarchical structure" and are involved in the prevalent crypto giveaway scams that many of our readers will be familiar with.

To conduct this research, Wright and Anise comprised a data set of 88 million Twitter accounts and included standard information, such as screen name, tweet count, and follower count, which is represented in the Twitter application programming interface (API). The researchers then took this data set and used machine learning algorithms that applied a subset of standard Twitter account attributes to differentiate between human-controlled and automated accounts.

According to the technical paper, the first tier of bots are responsible for imitating legitimate crypto-affiliated accounts by utilizing what Wright and Anise believe to be randomly generated screen names, and copying the actual names and profile pictures of the genuine accounts.

The second tier is made up of "hub accounts," which don't necessarily have anything to do with the scammer bots, but are hypothesized to be "randomly chosen accounts that the bots follow in an effort to appear legitimate."

The final tier in the network was found to be comprised of "amplification bots," which exist solely to like tweets sent by the scam bots, in order to artificially increase the likes for these tweets and further the appearance of legitimacy.

After not only researching the attributes of crypto scam accounts but the attributes of the accounts that they follow, Wright and Anise concluded that "a thread can be followed that can result in the unraveling of an entire botnet."

In an August 6 press release on the findings, Anise noted:

"Users are likely to trust a tweet more or less depending on how many times it's been retweeted or liked. Those behind this particular botnet know this, and have designed it to exploit this very tendency."

For his part, Wright explained:

"Malicious bot detection and prevention is a cat-and-mouse game. We anticipate that enlisting the help of the research community will enable discovery of new and improving techniques for tracking bots. However, this is a more complex problem than many realize, and as our paper shows, there is still work to be done."

The two will present their findings at the Black Hat security convention tomorrow, August 8, in Las Vegas at 2:40 p.m. PST. After the presentation, the tools and techniques used by the team will be made publicly available on GitHub.

In response to the findings, a Twitter spokesperson commented:

"Twitter is aware of this form of manipulation and is proactively implementing a number of detections to prevent these types of accounts from engaging with others in a deceptive manner. Spam and certain forms of automation are against Twitter's rules ... [C]ertain types of spam may be visible via Twitter's API even if it is not visible on Twitter itself."

Nathan Graham

Nathan Graham lives in Sparks, Nevada, with his wife, Beth, and dog, Kyia. Nathan has a passion for new technology, grant writing, and short stories. He spends his time rafting the American River, playing video games, and writing.

ETHNews is committed to its Editorial Policy

Like what you read? Follow us on Twitter @ETHNews_ to receive the latest botnet, giveaway scam or other Ethereum ecosystem news.