I’VE BEEN DOWN covering the Disclosures Tribunal quite often in recent weeks, and it’s been busy.
Last Monday, the judge rose for a break just at around 12.30pm, barely an hour into Nóirín O’Sullivan beginning her evidence.
I’d been tweeting details of events as they were happening during the morning so decided to look at what others were saying about the Tribunal under its hashtag on Twitter (#Disclosures Tribunal).
As Twitter initially shows you the top results which could be from hours before, I clicked under the “latest” tab to see what people we’re saying most recently.
The Wifi in Dublin Castle is quite fast. The page loaded up instantly.
Not more than two seconds passed before I clicked “x” to close the tab. I looked around in alarm.
Around a dozen other journalists were sitting behind me. From where I was sitting, many of those in the packed public gallery could have, if they were looking, seen my laptop screen.
When I got back to work later that day and told colleagues they laughed as I told them what happened: porn bots had taken over the Disclosures Tribunal hashtag on Twitter.
Good heavens, why?
At the end of the day, it’s all about making money.
There’s been quite a bit of research by internet security firms in recent years as to why porn bots are so prolific on Twitter.
In 2016, Symantec discovered that more than 2,500 accounts have been compromised to tweet links to adult and dating websites.
These accounts would usually be from people with quite a number of followers, and included a US stand-up comedian, an American football player and a New York Times reporter.
Their profile photo, bio and name would be changed in order to promote these adult sites.
They would then go on a liking and retweeting spree of other people’s accounts to try to make people click the links on their page. They may follow someone on Twitter too to see if they’ll follow back.
Using imagery that ranges from women in bikinis to hardcore pornographic imagery, and promising dates or sexual encounters, they try to make people click a link where they will be redirected to a sign-up page.
Symantec said that for every sign up that link received, the person or persons responsible would receive $4 (€3.20).
However, there’s a reason they’re getting paid that money and it probably involves the people who click on the link losing some of theirs.
Another cybersecurity firm called Zerofox conducted its own research on porn bots on Twitter last year, which not only compromise existing accounts but are created ad infinitum every day on the social network.
It said: “Although the vast majority of individual bots are benign, they can be coordinated as botnets and weaponised to distribute nefarious links such as phishing campaigns, malware, ransomware, fraudulent surveys, spamruns, malicious apps that hijack control of the victim’s accounts, and spam websites that pay for clicks.”
Calling this coordinated bot network Siren, after the mythical Greek sirens who would lure unwary sailors to their doom, Zerofox said it identified 8.5 million tweets from close to 90,000 accounts related to this one network.
It estimated that these generated over 30 million clicks, as the bots use trackable google urls. It also found that most of the tweets originate from eastern Europe.
It found that most of these bots would use the same phrases, often in broken English, followed by a link that would redirect several times to the desired landing page.
For those who fall for the scam and end up clicking the links it could result in financial loss, surrender of their personal data or malware being installed on their computers.
But why spam the Disclosures Tribunal?
The answer to that is simply because it was popular that day, meaning the bots would get more exposure to their spam tweets than usual.
By that lunchtime, given the former garda commissioner was giving her long-awaited evidence, #DisclosuresTribunal was the top trending hashtag on Twitter in Ireland.
People logging on to check the latest news on their break would be met with this kind of imagery. A nuisance and an annoyance from most perspectives, the spammers are hoping for unsuspecting people to click the links.
The Disclosures Tribunal getting hijacked is not the first time this has happened about something being talked about in Ireland.
Anyone who clicked #GAA in mid-January 2013 would have seen their timeline full of these kinds of tweets, for example.
It still happens regularly on popular things trending, not just in Ireland but abroad as well.
Twitter can be diligent in taking the posts down and suspending the accounts so it doesn’t continue to clog up your feed once they are reported, but there are fears that bots on the social media platform have progressed beyond showing pornographic material to try to dupe people.
The Oxford University Project on Computational Propaganda published data last September which suggests a sophisticated effort to spread disinformation using bots during the 2016 US Presidential election, amid suspected Russian involvement.
The researchers said that in the days leading up to the election, “Twitter users got more misinformation, polarising and conspiratorial content than professionally produced news.”
But in swing states, “average levels of misinformation were higher”, even when weighted for the relative size of the state, they said.
Twitter, for its part, disagreed with this research and said that third-party research on the impact of bots and misinformation “is almost always inaccurate and methodologically flawed”.
With these kind of porn bots, in particular, spamming timelines for over half a decade at this stage, the recent example of the Disclosures Tribunal shows Twitter still has not gotten to grips with stopping them before they become a nuisance yet.
Towards the end of the year, in a lengthy blog post, Twitter said it was developing techniques to spot these spam accounts and block them before they started tweeting.
It said: “We’ve built systems to identify suspicious attempts to log in to Twitter, including signs that a login may be automated or scripted. These techniques now help us catch about 450,000 suspicious logins per day.”
Again, as this week shows, these efforts are not completely successful just yet.
I’ll be down at Dublin Castle to cover the Disclosures Tribunal again over the next few weeks, but I may refrain from clicking “latest” on Twitter next time at the lunch break.
To embed this post, copy the code below on your site
have your say