San Francisco, May 5: Evading Twitter’s security algorithms, a mass-scale “botnet” advertising “adult dating” scam websites is back and is rapidly growing on the micro-blogging platform. According to a blog post by Andy Patel, a researcher with the global cyber security firm F-Secure, Twitter had curbed most of the accounts of the earlier botnet called “Pr0nbot” which was discovered in March. The earlier bot, however, is now back with a bang as “Pr0nbot2”. “A month and a half ago, I uncovered a series of Twitter accounts advertising adult dating (read: scam) websites. I used a script to recursively query Twitter accounts for specific patterns, and found just over 22,000 Twitter bots using this process,” Patel wrote in a blog post on Friday. Twitter, however, acted upon most of those accounts and shut them.
Later, Patel modified his previous script and let it run again. “After 24 hours, my new script had identified just over 20,000 accounts,” he posted. After four days, his script had found close to 44,000 accounts and eight days later, the total was just over a whopping 80,000. Twitter was yet to comment on this development.
The new bots show many similarities to the previously discovered botnet like similar pictures, same URL shortening services, similar usage of the English language. However, the bot creaters are re-tooling the new bots based on Twitter’s action against their previous botnet. “My current hypothesis is that the owner of the previous botnet has purchased a batch of Twitter accounts (of varying ages) and has been, at least for the last 21 days, repurposing those accounts to advertise adult dating sites using the new pinned-Tweet approach,” Patel claimed. (IANS)