There have been a lot of stories written on the web about spam and bots on Twitter. And with 140 million active users and more than 340 million tweets each day, Twitter unfortunately becomes a more attractive target for spammers. Spambots on Twitter are nothing new, and it happens to us all every once in a while. But last week we were notified by some helpful tweeps that there might be a link between Twitter Counter and spam followers.
Let us preface the rest of this blog post by stating that we would never purposefully send spam followers to our users. We also would like to apologize to users who have been affected by these spam followers. It was never our intention to give you a negative experience with Twitter Counter.
This week we were approached by users of Twitter Counter, stating that they’d seen an increase in spam followers when they logged in to Twitter Counter.
@thecounter Strong possibility Spam Bot is using list of Twitter users logging into TwitterCounter to spread ‘Spam followers’ on Twitter — Paul Chatterton (@paulchat) July 31, 2012
Following our initial contact with these users we set about investigating where this might have come from. We quickly identified three possible sources for what had happened: our Twitter Widget, our custom follow button or one of our three Twitter accounts.
Our Twitter Widget keeps track of all visitors logged in to Twitter Counter, which could explain why these users were suddenly followed when logged in to Twitter Counter. We placed a couple of forms of tracking on our (@TheCounter’s) widget to try to detect whether bots were automatically loading the widget. By setting special session variables and checking HTTP referrers, we were able to analyse traffic for suspicious activity. Unfortunately this yielded nothing conclusive.
We suspected, since it concerned spam followers, that somehow our button might be abused through automated clicks. Through tracing, however, we could find no evidence that any of the spambots mentioned by affected users had used the button.
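The widget check described above, sketched as an added example (not Twitter Counter's own code): each widget load is tested for a session marker and a usable HTTP referrer, and clients are flagged only when most of their repeated loads fail. The record fields, thresholds and sample requests are assumptions constructed for illustration.

```python
from collections import defaultdict
from urllib.parse import urlparse

# Constructed sample widget loads (documentation IP ranges, not real traffic).
# "marker" is a hypothetical flag: True when the request carried the session
# variable set by a page view that legitimately embedded the widget.
SAMPLE_REQUESTS = (
    [{"client": "203.0.113.5", "referer": "", "marker": False}] * 4
    + [{"client": "198.51.100.7", "referer": "https://blog.example/post", "marker": True}] * 3
    + [{"client": "192.0.2.44", "referer": None, "marker": True}]
    + [{"client": "192.0.2.90", "referer": "https://site.example/", "marker": True}] * 2
    + [{"client": "192.0.2.90", "referer": "", "marker": True}]
)


def request_flags(req):
    """Return the reasons a single widget load looks automated."""
    reasons = []
    if not req.get("marker"):
        reasons.append("no-session-marker")
    # A browser rendering an embedded widget normally sends an http(s) referrer.
    if urlparse(req.get("referer") or "").scheme not in ("http", "https"):
        reasons.append("missing-referer")
    return reasons


def suspicious_clients(requests, min_hits=3, min_ratio=0.8):
    """Flag clients whose repeated loads are mostly anomalous.

    A single load without a referrer is weak evidence (privacy tools strip
    the header), so a client needs min_hits loads with min_ratio flagged.
    """
    stats = defaultdict(lambda: {"total": 0, "flagged": 0, "reasons": set()})
    for req in requests:
        entry = stats[req["client"]]
        entry["total"] += 1
        reasons = request_flags(req)
        if reasons:
            entry["flagged"] += 1
            entry["reasons"].update(reasons)
    return {
        client: sorted(entry["reasons"])
        for client, entry in stats.items()
        if entry["total"] >= min_hits
        and entry["flagged"] / entry["total"] >= min_ratio
    }


if __name__ == "__main__":
    for client, reasons in suspicious_clients(SAMPLE_REQUESTS).items():
        print(client, ", ".join(reasons))
```

An empty result from a check like this does not rule out automation; it only shows that nothing was loading the widget without the marker or referrer.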
The third option was that a spambot had found one of our Twitter streams. We send out a couple of automated Tweets on these accounts about people who’ve logged in to Twitter Counter. Through our own testing, and with the help of @anyapalmer, we were able to conclude that these automated Tweets were indeed the source of the spam followers. When users logged in to Twitter Counter for the first time, our @TheRemote automatically sent an @mention to that account. As we found out, this resulted in being followed by spambots within the next few hours to days. As soon as we found out, we halted these automated Tweets.
Steps taken and the future
We’ve stopped the automated Tweets, which should prevent any new users from experiencing what others have. We’re also monitoring those parts of our service which are vulnerable to being used by spambots. We hope that this will prevent any future events. We fully recognise that by Tweeting to users on our accounts we enabled spambots to follow you. Our failure to anticipate this is where we are to blame. We are therefore very grateful to those who voiced their concerns to us and were instrumental in helping us detect the source. For some users this is, regrettably, too late. We hope, however, that your experience with Twitter Counter going forward will be better.
As a final word, if you ever find that you’re being followed by spambots, right after you’ve logged in to Twitter Counter, or have used any other part of our service, please notify us straight away via our support email firstname.lastname@example.org.