Thousands of Twitter accounts apparently created in advance to blast automated messages are being used to drown out Tweets sent by bloggers and activists this week who are protesting the disputed parliamentary elections in Russia, security experts said.
Amid widespread reports of ballot stuffing and voting irregularities in the election, thousands of Russians have turned out in the streets to protest. Russian police arrested hundreds of protesters who had gathered in Moscow’s Triumfalnaya Square, including notable anti-corruption blogger Alexei Navalny. In response, protesters began tweeting their disgust in a Twitter hashtag #триумфальная (Triumfalnaya), which quickly became one of the most-tweeted hashtags on Twitter.
But according to several experts, it wasn’t long before messages sent to that hashtag were drowned out by pro-Kremlin tweets that appear to have been sent by countless Twitter bots. Maxim Goncharov, a senior threat researcher at Trend Micro, observed that “if you currently check this hash tag on twitter you’ll see a flood of 5-7 identical tweets from accounts that have been inactive for months and that only had 10-20 tweets before this day. To this point those hacked accounts have already posted 10-20 more tweets in just one hour.”
“Whether the attack was supported officially or not is not relevant, but we can now see how social media has become the battlefield of a new war for freedom of speech,” Goncharov wrote.
I’ve been working with a few security researchers inside of Russia who asked not to be named for fear of retribution by patriotic Russian hackers or the government. Since Trend’s posting, they’ve identified thousands of additional accounts (e.g., @ALanskoy, @APoluyan, @AUstickiy, @AbbotRama, @AbrahamCaldwell…a much longer list is available here) that are rapidly posting anti-protester or pro-Kremlin sentiments to more than a dozen hashtags and keywords that protesters are using to share news, including #Navalny.
A review of the 2,000 Twitter accounts linked above indicates that most of them were created at the beginning of July 2011, and have very few tweets other than those meant to counter the protesters, or to simply fill the hashtag feeds with meaningless garbage. Some of the bot messages include completely unrelated hashtags or keywords, seemingly to pollute the news stream for the protester hashtags.
In addition, almost all of the bot accounts are mostly following each other, with a handful of exceptions: It appears that most of the auto-created accounts that are flooding the protester hashtags are following the Twitter account @master_boot, which looks like it belongs to an actual user. In fact, one of Master_boot’s 17,000+ followers recently tweeted to inquire about Twitter bots. The person behind the @master_boot account did not immediately respond to requests.
Interestingly, the Kremlin leadership appears to be using their Twitter accounts to bash those calling the recent elections a fraud. Reuters is reporting that Russian President Dmitry Medvedev caused shock and jeers on Wednesday after an obscene insult directed at political opponents appeared on his official Twitter feed. According to cached copies of the feed and a notification of the post received by a Reuters reporter, Medvedev’s tweet read:
“It has become clear that if a person writes the expression ‘party of swindlers and thieves’ in their blog then they are a stupid sheep getting f****d in the mouth :).”