Crowd-turfing or Cobrapost’s Blue Virus (Challenging some myths)

PS: McAfee Official blog-site has an edited version of this blog. It was republished for wider audience.

An Indian investigative portal Cobrapost, recently released a report on alleged online reputation smearing/management/campaigns designed to gain/destroy political capital for who ever was the highest bidder or “customer”. Online world (social media)  was abuzz with political motivations, and some were perplexed if it was even possible (amazed, surprised, dismissive etc.)

Some of the bloggers/twitterati offered their own explanations, instantly building near myths and false narratives in the process. My attempt is to disabuse readers from such false narratives and myths. I would skip political aspects of this conversation and largely focus on technological aspects.

Myth 1It is not possible to have fake followers on either Facebook or Twitter.

Fortunately, this myth has  been widely debunked. Sites like Twitter Audit or Social Bakers can be easily used to discover if a twitter user has fake followers or not. Such fake followers are largely bots or proxy accounts  run on behalf of real/fake individuals.

In fact, acquiring fake followers is not a difficult task and is actually a full-fledged online business. Take the case of, a site that offers different packages for the numbers of followers a customer would like to acquire, so forth and so on.

Twitterwind Packages

There is an excellent story on this by New York times that describes buying and selling of fake twitter followers the worst kept secret in the Industry. Here is a NBC news post that questioned Mitt Romney’s sudden jump in his twitter account following by a factor of 100,000 followers last year. In may last year, NPR published a news article  on how as low as $75 one could purchase 1000 Likes

Myth – 2  Real people are running any social media campaign, there is NO concept of fake (automated bots) followers.

This is largely a defensive reaction of individuals who find themselves on the other side of the first myth. However, even this myth/narrative is false.

Automated bots or bot-nets have existed since the initial days of attacks on computers and networks by hackers and malware/computer virus authors. Bots are compromised systems/user accounts that could be used for launching a malicious digital campaign/attack on an unsuspecting user/corporation or public at large.

In the case of social media, there are three ways to create such bots.

First way is to use an automated bot (compromised system) to do key-logging of individuals to find username/password of an existing user.

Second way is to create fake accounts through auto programming. Two Italian researchers Italian security researchers Andrea Stroppa and Carlo De Micheli reported on how such fake accounts could be created using software for sale. Washington post carried this story. NewYorker magazine also has an excellent article on such twitter bots.

Third way is to launch a phishing attack on real users and harvest their Twitter/Facebook accounts. Social media phishing is a new phenomenon. Some users would recall how AP had tweeted about bombing in white house, once their account had been phished and hacked. Even the satire magazine Onion had suffered a similar phishing attack

Twitter and Facebook both have taken a lot of steps to weed out such followers. Facebook cracked down last year on both fake followers and likes.

Impact of some of the user’s friends and followers after Facebook decided to crack down on fake followers

Myth – 3 There are no companies that actually can run such reputation enhancing/smearing campaigns. 

There is actually a proper world for this activity – Crowd-Turfing!

“Crowd-Turfing” – term represents an activity of malicious crowd sourcing system that exist on social media and internet and display following behaviors – crowd sourcing and astro-turfing. University of California – Santa Barbara came out with this term in their paper “Serf and Turf: Crowdturfing for Fun and Profit

In other words, not only it is possible to manipulate social media through automated and manual means, it is very much prevalent in many countries such as US and China. Crowd-turfing is neither novel or earth shattering, however it might be a complete novelty for some Indians. However, it is largely illegal but requires extensive skill set in establishing a trail of evidence to legally nail the culprit.

This story is pretty old now from rest of the world perspective. UC Santa Barabara report on crowd-turfing mentioned such bots existing on very popular QQ services of Tencent and internet companies like Zubhajie again in China. This report documents purported activities of these companies including account creation, forum post, QQ blog post etc.

UC Santa Barbara report documents the kind of activities done by two of the crowd-turfing companies

UC Santa Barbara report documents the kind of activities done by two of the crowd-turfing companies

There is an additional story here, there is an entire business category for Online Reputation Management, that exists for improving online brands of individuals and companies. Forbes has a good article on how online reputation management companies. They also posted a follow-up article on how some of these companies seemed to be doing dirty things under the hood – blackmailing as an example.

Although, there are many more myths and narratives that could be challenged here, however if an informed spirit of enquiry could result from this, I would meet my objectives.

Disclaimer – I work for security firm McAfee in my professional life. I have written this post in my personal capacity. :-)

Remembering my father, if I could just argue with him once more

I lost my father on Nov 21 last year. Till date, I avoid talking about him on any public forum. I just never felt the need. This was not something a conscious thing to do, I just never thought that anyone else was involved in my relationship with him. It was 1:1 and it only mine to talk with him, mourn for him just between two of us.

I realized, my father used to live my life through me. He lost his own father at the age of 6 and this created deep insecurities in him as he grew up. Although he looked at his elder brother as his father figure, he still felt the need to fill that vacuum in his life by over compensating a father’s role for his own son(me) and his daughter. His childhood was spent in his near poverty and he felt that self dependency was the most powerful statement a person could make.

That way, my father empowered me and my sister at the fundamental level. We were two individuals empowered by a thought that education and self-identity were critical to an individual’s existence. As we grew up, we were fashioning counter identities (opposed to our father) exactly as he wanted us to be. We almost did not choose any path, did not take any advice my father wanted us to take. We were looking for our own path, our own thoughts and our own destinies. Hardly, we realized, he took immense pride in the fact that in our rebel streak we were achieving what he always wanted us to achieve. Sadly, I could not realize this when my father was alive and that I am sure is also true for my sister.

I lost my father to an incurable disease called as Frontal Temporal Dementia (FTD). FTD can be considered akin to cancer of the brain where brain cells starts destroying themselves due to a faulty gene. A close cousin of Alzheimer, FTD however strikes people at young age. My father was just 56 when we discovered that he was suffering from such a disease and at 59 we had lost him. At 56 he was heading a workforce of 700 people and at 59 he did not knew how to conduct himself in a socially appropriate manner. FTD is especially cruel. It first kills your personality, your individuality, your behavior before killing you completely. It starts with destroying behavior controlling part of your brain, then proceeds to destroy your sense of emotions before affecting your brain functions that control your body organs. When my father eventually died, he had no sense of depth, hunger, distance. He could not focus even for 5 minutes on a task. The only time when I felt him completely alive, was when he gave me a hug.

FTD is cruel, but having a mental disease in India is especially nasty. Not only your friends, colleagues, employers misunderstand you, your own family takes a lot of time to realize that it is the disease that has altered your patient’s behavior. My mother till 6 months before my father passed away refused to understand that my father was going to certainly die in next 3 years and his behavior change were irrevocable. When the head of neurology at AIIMS Dr. Rashmi told my mother in no uncertain words that my father had just 3 years left as there was no cure available anywhere in the world, it only then dawned on her that how precious little time she had left with her partner of 33 years.

FTD is cruel but I saw how it brought the worst in the people around my father, largely by an ignorance but that is par for how Indians generally treat any kind of neurological/psychological disease patient anyways. After my father had more or less lost his ability of emotional or social judgement of a given situation, some of them took advantage of him. Did I say I feel a sense of pity/empathy for their lack of education/intelligence and how they proved themselves as lesser of human beings?

On a personal level, I always wanted to prove my father that I could be somebody, as he had this amazing capacity to get under my skin on my shortcomings. Now when I believe I am moderately successful to prove a point to my dad, he played foul by leaving me alone.

Papa, I miss you! You meant everything to me. You are my identity and reason for what I am today! I still want to have that last argument where I can prove how wrong you were to judge me. If you could just be back with me one more time.

But i would let go, I need to let go. My father is now at peace after his years of struggle with this devastating disease. I am sure he is watching us and would be proud of the way how we coped up during his last years and after he was gone. I am sure this is exactly how he would have wanted us to be.

Initial Impression of China – April, 2011

A short and circular story of outsourcing

Does IT Security industry thrive in horizontal computer industry structure?

Business of Product Management Certifications in India

Non mobile Android devices and Security Challenges

Social Network – A movie about a lot (most) of us!

How we advertised PM Conclave (successfully) through Social Media? – Part – 3 (Final Part)

How we advertised PM Conclave (successfully) through Social Media? – Part – 2


Get every new post delivered to your Inbox.

%d bloggers like this: