1) In the day of election.
Intermediate results:
![]()
146,47 % - Special wrapping for pro-Kremlin party.
2) DDos attacks on social networks and media, such as, St. Petersburg Novaya Gazeta, KartaNarusheniy.ru, Golos.org, LiveJournal, Twitter, NewTimes.ru.
http://globalvoicesonline.org/2011/12/05/russia-election-day-ddos-alypse/
![]()
I asked Group-IB (Russian cyber crimes investigation lab) about investigation of this incident. But answer is obvious...
3) Wave of arrests and detentions protesting.
4) Detention of Navalny.
http://www.itar-tass.com/c32/290980.html
5)
Thousands of Twitter accounts apparently created in advance to blast automated messages are being used to drown out Tweets sent by bloggers and activists this week who are protesting the disputed parliamentary elections in Russia, security experts said.
http://krebsonsecurity.com/2011/12/twitter-bots-drown-out-anti-kremlin-tweets/
Russians fight Twitter and Facebook battles over Putin election
Protests against president's party escalate across social media with flood of automated counterattacks and alleged hacking
http://www.guardian.co.uk/world/2011/dec/09/russia-putin-twitter-facebook-battles
6) DDos attacks on Brian Krebs Twitter account. A huge number of followers every second.
7) Founder of vkontakte.ru Pavel Durov has been summoned for interrogation by the FSB (aka KGB).
![]()
This country is still in the hands of the KGB...
UPDATE: Full list of bots against manifestations http://ec2-50-19-134-213.compute-1.amazonaws.com/users.txt.
How does Twitter attacks can be implemented: (Neej)
Intermediate results:
146,47 % - Special wrapping for pro-Kremlin party.
2) DDos attacks on social networks and media, such as, St. Petersburg Novaya Gazeta, KartaNarusheniy.ru, Golos.org, LiveJournal, Twitter, NewTimes.ru.
http://globalvoicesonline.org/2011/12/05/russia-election-day-ddos-alypse/
I asked Group-IB (Russian cyber crimes investigation lab) about investigation of this incident. But answer is obvious...
3) Wave of arrests and detentions protesting.
4) Detention of Navalny.
http://www.itar-tass.com/c32/290980.html
5)
Thousands of Twitter accounts apparently created in advance to blast automated messages are being used to drown out Tweets sent by bloggers and activists this week who are protesting the disputed parliamentary elections in Russia, security experts said.
http://krebsonsecurity.com/2011/12/twitter-bots-drown-out-anti-kremlin-tweets/
Russians fight Twitter and Facebook battles over Putin election
Protests against president's party escalate across social media with flood of automated counterattacks and alleged hacking
http://www.guardian.co.uk/world/2011/dec/09/russia-putin-twitter-facebook-battles
6) DDos attacks on Brian Krebs Twitter account. A huge number of followers every second.
7) Founder of vkontakte.ru Pavel Durov has been summoned for interrogation by the FSB (aka KGB).
This country is still in the hands of the KGB...
UPDATE: Full list of bots against manifestations http://ec2-50-19-134-213.compute-1.amazonaws.com/users.txt.
How does Twitter attacks can be implemented: (Neej)
For anyone that doesn’t know this type of attack (if it can be called that) can be done cheaper than you may think – peanuts in fact.
Although I imagine it’s likely that customised tools were used for this, if you yourself wanted to do this:
$150 will get you a license for the TweetAttacks Pro application which automates posting pretty much how you want – it automates adding real looking content using services such as SocialOomph (or any other website actually). It uses a web browser to do all its work making it undetectable by Twitter. It includes an account creator which can offload captcha solving to third parties ($1.50 per 1000 if you chose the Death By Captcha Service for example).
In addition to mount an attack using 1000′s of accounts private proxies are required – Brian has already done articles on criminal activity surrounding the provision of such services however there are longstanding (whitehat I’m assuming) companies which will lease you http proxies for $1 per proxy per month – the price goes down as you order more of course. So let’s say you use 100 Twitter accounts per proxy – another $100 if you chose to attack using 5000 Twitter accounts. (you probably only need them for a month if all you wish to do is do this attack but I went two months so you can dribble out tweets like happened in the real thing to make the accounts look real).
And lastly you need a moderately powerful server – nothing too extreme by any means. Say you wanted high levels of service – you could rent a OVH Kimsufi KS16G dedicated server for ~75USD (theyre priced in Euros so depends on exchange rates).
This server is probably massive overkill and could be had for a lot less. Add $15 or so (?) for a Windows license however many people just run Windows inside a VM to avoid this added cost.
Spend some time setting up your software (this will take a fair amount of time from my experience using Twitter to market solutions to people – but it can easily be outsourced through Teamviewer or other methods for peanuts) and there you go: your own Twitter blasting machine for ~$300 USD (likely less if you went for less powerful hardware) that you can overwhelm any movement you don’t happen to like.
Social media can be a great thing but at the same time it has a tremendous capacity to be gamed.
Although I imagine it’s likely that customised tools were used for this, if you yourself wanted to do this:
$150 will get you a license for the TweetAttacks Pro application which automates posting pretty much how you want – it automates adding real looking content using services such as SocialOomph (or any other website actually). It uses a web browser to do all its work making it undetectable by Twitter. It includes an account creator which can offload captcha solving to third parties ($1.50 per 1000 if you chose the Death By Captcha Service for example).
In addition to mount an attack using 1000′s of accounts private proxies are required – Brian has already done articles on criminal activity surrounding the provision of such services however there are longstanding (whitehat I’m assuming) companies which will lease you http proxies for $1 per proxy per month – the price goes down as you order more of course. So let’s say you use 100 Twitter accounts per proxy – another $100 if you chose to attack using 5000 Twitter accounts. (you probably only need them for a month if all you wish to do is do this attack but I went two months so you can dribble out tweets like happened in the real thing to make the accounts look real).
And lastly you need a moderately powerful server – nothing too extreme by any means. Say you wanted high levels of service – you could rent a OVH Kimsufi KS16G dedicated server for ~75USD (theyre priced in Euros so depends on exchange rates).
This server is probably massive overkill and could be had for a lot less. Add $15 or so (?) for a Windows license however many people just run Windows inside a VM to avoid this added cost.
Spend some time setting up your software (this will take a fair amount of time from my experience using Twitter to market solutions to people – but it can easily be outsourced through Teamviewer or other methods for peanuts) and there you go: your own Twitter blasting machine for ~$300 USD (likely less if you went for less powerful hardware) that you can overwhelm any movement you don’t happen to like.
Social media can be a great thing but at the same time it has a tremendous capacity to be gamed.
