Twitter has a big bot problem

Twitter bots – robots that interact with humans – have a long history. The Twitter API is fairly easy to use (I made a bot that plays Zork with a friend two years ago) and there is little protection against creating new accounts automatically. This ease of use used to be great for programmers but now Twitter has a huge bot problem.

Bots have expanded beyond the traditional tactics. One older site recommended creating a bot network to “get a database together of all your competitors.”

“Have a rebuttal promoting your brand over their brands as messages. Whenever someone in your niche talks about the competition, send a tweet or even A DM (Direct Message), with your message of being the better product/service, and to give you a try.”

The new system pales in comparison.

In the latest example, a reporter for the Daily Beast, Joseph Cox, was kicked off of Twitter for being followed too quickly by an army of Twitter bots.

Cox can’t talk about why he was banned – his conversation with Twitter was off the record – but after writing his post he saw a strange pattern. A series of bots followed him in the same order they followed other major folks who have been writing about the Russian bot phenomenon. In short, the bots “read” news stories and then followed their authors, one after the other, in lockstep.

Once this happens, Twitter’s anti-bot tools spring into action and… ban the original poster.

“Let that sink in for a moment: A huge collection of botted accounts — the vast majority of which should be easily detectable as such — may be able to abuse Twitter’s anti-abuse tools to temporarily shutter the accounts of real people suspected of being bots!” wrote security researcher Brian Krebs. “The botnet or botnets appear to be targeting people who are exposing the extent to which sock puppet and bot accounts on social media platforms can be used to influence public opinion.”

The ordeal started when Atlantic Council’s Digital Forensic Research Lab was investigating pro-Kremlin accounts after the events in Charlottesville and found itself quickly attacked by the same bot armies that actively spread misinformation and pro-Trump politics. After writing about bots and intimidation tactics, hackers quickly targeted the DFR for attack resulting in tweets and follows from “tens of thousands of automated accounts […] that was apparently meant as a show of force.”

A fascinating Planet Money episode further exposes the strange connection between media, bots, and Russian astroturfing.

Further, the botnet essentially created a denial of service attack on the DFR’s twitter accounts, sending hundreds of fake retweets to the account and essentially making it useless if standard Twitter notification settings are used. As you can see, the retweets exploded for a few hours and then slowed down. “Thus the massive retweeting did not spread to genuine Twitter users. Instead, the main effect was to bombard the Twitter feeds of the accounts mentioned in the post with an endless series of notifications,” wrote Ben Nimmo.

Cox wrote a story based on DFR’s research and quickly found himself a target of intimidation.

“It’s hilarious that someone would even bother using bots on my account, but if bots were behind the temporary suspension, then Twitter may have some more issues around policing its platform,” said Cox when I asked him about his experience. His account is back online. However, thanks to Twitter’s policies, messages and memes are spreading in ways probably never envisioned by the folks who made it easy to activate a Tweetbot.