The first bot butting in on my "unglue" stream belonged to some sort of travel agency social marketing bot named Leadify. Various destinations were being touted by this bot by different users:
@SkyRunTelluride Can’t unglue the kids from the tv on vacations? Go camping in Telluride and leave technology behind.
@VisitGatlinburg Can’t unglue the kids from the tv on vacations? Go camping in Gatlinburg and leave technology behind.
@CrestedButteMt Can’t unglue the kids from the tv on vacations? Go camping in Crested Butte and leave technology behind.
@TimberlineVaca Can’t unglue the kids from the tv on vacations? Go camping in Breckenridge and leave technology behind.
@lodgingdeals Can’t unglue the kids from the tv on vacations? Go camping in Snowmass and leave technology behind.
@vailmountain Can’t unglue the kids from the tv on vacations? Go camping in Vail and leave technology behind.
You get the idea. At least it's clear what "service" this bot is providing.
But recently, a new bot has started getting in on the "unglue" action. What bugs me is I can't figure out why it does what it does:
@IsabellaMariah3 Unglue latent clubhouse derby: .cpP
What could possibly be the purpose of these tweets?
@MervinSacco1 Unglue official pass250 607-109 audition check over guides: .BCO http://bit.ly/ZMz6fj
@MacDonaldBoswor Dancery unglue rounders online: .Fhi
@ClarenceWither1 Charley 95010 online until unglue straight a rich conjunction unripe forethink: .daw http://bit.ly/WckiGL
@GoldmanLarry1 Unglue fund online casinos: .pyT 525471
@IsaacShade1 Unglue swop 185-113 prelim niagara mopes: .AQb http://bit.ly/10OwHmW
@AllenHoffmann1 Unglue pos software - baksheesh in preference to forthright pos software, guides with acquit pos software: .hFg http://bit.ly/Xv9k0W
@BootmanRussel1 Betting parlor online unglue green stuff extant professional athlete bribe: .YnL 050623
@PassBobby Unglue liquid assets repudiation cash upon be unfaithful online poolroom: .mNG 263810
@GladysSavannah Current unglue contribute nonobservance stationing show biz: .Obd
@EricksonCarter Tavern unglue do tool motion hiatus: .wrm 894279
@JohnsonAllison2 Amusement park unglue participate: .Sby 584823
@BarnesIsabelle Flat reputable volume dvd unglue: .QfH 362486
@JustinCharlie1 261 sporting house unglue tropez aggrandize: .cln
@FrederickWilli4 The hard-and-fast fender in relation with unglue online auction: .RqZ http://bit.ly/Xr2Tw3
@AlanLindley2 How head an neutral advisor grant-in-aid myself pick the uppermost glamour issue unglue racket: .mcY http://bit.ly/W8lrz9
@PaigeCarol1 Thereupon the album's unglue, the belt stirred drummer chouse health resort but salaried nicholas dingley, go ... 121898
@PaigeSandra1 Theater bootlegging unglue surface structure: .nxz 968560
@MiloVelasquez1 332 gambling hall unglue online volutation: .otR
@PeregrinBoles Unglue downloadlot-054exam chamber music guides: .qxf http://bit.ly/10KfJGp
@LeapmanRebecca Entertainment industry unglue contract bridge toad: .iyG 836459
@MakaylaCooper15 Cafe chantant coupon unglue gamut: .eqG 184945
My first thought was this is some SEO scam. About 1/3 of the tweets have a bit.ly link to the http://promotion-web.tk/ or related websites; these pages contain more nonsense text under the title "First-class portal". (The "dot .tk" top-level domain is a free domain registry based in Amsterdam.) But that doesn't make much sense. Why would nonsense tweets point at nonsense websites? And why would most of the tweets come without links?
And if it's an SEO scam, why add things like ".nxz 968560"? Who's going to click on a tweet like that? Even search engines aren't that dumb.
My next thought was that these accounts are those "followers" that social marketing bozos buy for their twitter feeds. But no, many of these accounts aren't following more than two or three other accounts, though they may have 250 or so of their fellow robots following them, along with a surprising number of apparently human social media consultants.
It's puzzling, and I don't take kindly to unsolved puzzles. This army of zombie twitter accounts must be assembling for some sort of mischief.
So here's my best guess. I think these twitter bots are hiding information in plain view. Suppose you were a terrorist organization or a criminal network, and you needed to publish communications to large numbers of people worldwide. What better way to do this than to publish encrypted information on twitter? Or even better, put the encrypted information on a network of websites, and use a distributed network of twitter accounts to distribute the decryption keys? Or maybe this is where Wikileaks is storing its secret files.
The data publishing rate appears to be about 100 tweets per minute, or about 230 bytes/sec. That's 20 MBytes per day. Maybe the three letter codes are the intended recipients, and the 6 digit numbers are constantly changing keys (like RSA's SecurID) for files posted on 2-factor secured websites.
Or maybe it's just garbage ungluing latent clubhouse derby.
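To put numbers on the pattern described above, the following added example (not part of the original post) parses a handful of the quoted tweets into handle, three-letter tag, six-digit number and bit.ly link, and counts how many carry each. The regular expression is an assumption inferred from the tweets shown here, and the throughput helper assumes 140 bytes per tweet.

```python
import re

# A few lines copied from the tweets quoted above, plus one Leadify tweet as a non-match.
SAMPLE = """\
@MervinSacco1 Unglue official pass250 607-109 audition check over guides: .BCO http://bit.ly/ZMz6fj
@MacDonaldBoswor Dancery unglue rounders online: .Fhi
@GoldmanLarry1 Unglue fund online casinos: .pyT 525471
@PaigeSandra1 Theater bootlegging unglue surface structure: .nxz 968560
@MiloVelasquez1 332 gambling hall unglue online volutation: .otR
@vailmountain Can't unglue the kids from the tv on vacations? Go camping in Vail and leave technology behind.
"""

# Assumed shape: "@handle <word salad>: .<3 letters>", then optionally
# either a 6-digit number or a bit.ly link, and nothing else.
BOT_RE = re.compile(
    r"^@(?P<handle>\w+)\s+(?P<text>.+?):\s+\.(?P<tag>[A-Za-z]{3})"
    r"(?:\s+(?P<number>\d{6})|\s+(?P<link>https?://bit\.ly/\S+))?\s*$"
)

def parse_tweet(line):
    """Return the tweet's fields as a dict, or None if it does not fit the pattern."""
    m = BOT_RE.match(line.strip())
    return m.groupdict() if m else None

def summarize(lines):
    """Count how many lines fit the pattern and which trailer each one carries."""
    parsed = [p for p in map(parse_tweet, lines) if p]
    return {
        "matched": len(parsed),
        "unmatched": len(lines) - len(parsed),
        "with_link": sum(1 for p in parsed if p["link"]),
        "with_number": sum(1 for p in parsed if p["number"]),
        "bare": sum(1 for p in parsed if not p["link"] and not p["number"]),
        "tags": [p["tag"] for p in parsed],
    }

def bytes_per_second(tweets_per_minute, bytes_per_tweet=140):
    """Upper-bound channel rate; 140 bytes per tweet is an assumption."""
    return tweets_per_minute * bytes_per_tweet / 60

if __name__ == "__main__":
    print(summarize(SAMPLE.splitlines()))
    rate = bytes_per_second(100)
    print(f"{rate:.0f} bytes/sec, {rate * 86400 / 1e6:.1f} MB/day")
```

Run over a larger capture, the same counts show whether the link, number and bare variants keep fixed proportions, and whether any three-letter tag ever repeats.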
Notes:
1. Just to be clear, it's not just the word "unglue" that zombie bot is attacking.
2. I can't wait to get head-desked by a simple explanation in the comments.
3. So you don't have to try one of those bitly links yourself, here's a sample of text from one of the garbage websites:
Oneabe is a free online bidding site offering best auctions and known as beat penny auction site , here we conduct Free Online Auction and oneabe is one of the best Online Auction Sites. We also offer free international auction. Presently we are bidding on thunder-Quadband Dual SIM Wifi Touchscreen World and on superb LCD Home theatre media projector and so on. We do our auctions category wise. As here you would see a plethora of options and catalogs within which you can choose whatever is of your choice and need and participate in bidding as well as can buy them. We offer categories like Antiques and art, automobile & bikes, survival kits, businesses for sale, clothing and accessories, coins and collectibles and much more. We are known as a penny auction site worldwide.Under the category of antique and art we offer 20th century antiques ranging from 1920’s till modern , architectural antiques like garden antiques and others, under the wing of Art we offer contemporary art, drawings, paintings, general, photographic images, prints as well as sculptures. We also sell books and manuscripts those are rare and precious. We offer a plethora of ceramic goods and also clocks, decorative items to decorate your home and your office. Our folk art is very unique and our foreign arts are all master pieces. We also do bidding on furniture, map or atlas as well as on metal ware such as brass, copper, bronze, gold, silver, and silver plated goods also we sell music instruments. We also offer here to our customers a very good quality of textiles and linens that includes fabric, embroidery, linens and quilts and much more. Under the gaming option we offer...
4. (update) More theories being discussed on Hacker News https://news.ycombinator.com/item?id=5373161