Over the past 5-6 months, I’ve been noticing a lot of new accounts spinning up that look like this format:
https://instance.xyz/u/gmbpjtmthttps://instance.xyz/u/tjrwwiifhttps://instance.xyz/u/xzowaikv
What are they doing?
They’re boosting and downvoting mostly, if not exclusively, US news and politics posts/comments to fit their agenda.
What do these have in common?
- Most are on instances that have open signup (I’m guessing the few that are on instances with registrations may be from before applications were enabled since those are several months old, but just a guess; they could have easily just applied and been approved.)
- Most are random 8-character usernames (occasionally 7 or 9 characters)
- Most have a common set of users they’re upvoting and/or downvoting consistently
- No posts/comments
What can you, as an instance admin, do?
Keep an eye on new registrations to your instance. If you see any that fit this pattern, pick a few (and a few off this list) and see if they’re voting along the same lines. You can also look in the login_token table to see if there is IP address overlap with other users on your instance and/or any other of these kinds of accounts.
You can also check the local_user table to see if the email addresses are from the same provider (not a guaranteed way to match them, but it can be a clue) or if they’re they same email address using plus-addressing (e.g. [email protected], [email protected], etc).
Why are they doing this?
Your guess is as good as mine, but US elections are in a few months, and I highly suspect some kind of interference campaign based on the volume of these that are being spun up and the content that’s being manipulated. That, or someone, possibly even an alien life form, really wants the impression of public opinion being on their side. Just because I don’t know exactly the purpose doesn’t mean something fishy isn’t happening that other admins should also look into.
Who are the known culprits?
These are ones fitting that pattern which have been identified. There are certainly more, but these have been positively identified. Some were omitted since they were more garden-variety “to win an argument” style manipulation.
These all seem to be part of a campaign. This list is by no means comprehensive, and if there are any false positives, I do apologize. I’ve tried to separate out the “garden variety” type from the ones suspected of being part of a campaign, but may have missed some.
https://lemy.lol/u/ihuklfle
https://lemy.lol/u/iltxlmlr
https://lemy.lol/u/szxabejt
https://lemy.lol/u/woyjtear
https://lemy.lol/u/jikuwwrq
https://lemy.lol/u/matkalla
https://lemmy.ca/u/vlnligvx
https://ttrpg.network/u/kmjsxpie
https://lemmings.world/u/ueosqnhy
https://lemmings.world/u/mx_myxlplyx
https://startrek.website/u/girlbpzj
https://startrek.website/u/iorxkrdu
https://lemy.lol/u/tjrwwiif
https://lemy.lol/u/gmbpjtmt
https://thelemmy.club/u/avlnfqko
https://lemmy.today/u/blmpaxlm
https://lemy.lol/u/xhivhquf
https://sh.itjust.works/u/ntiytakd
https://jlai.lu/u/rpxhldtm
https://sh.itjust.works/u/ynvzpcbn
https://lazysoci.al/u/sksgvypn
https://lemy.lol/u/xzowaikv
https://lemy.lol/u/yecwilqu
https://lemy.lol/u/hwbjkxly
https://lemy.lol/u/kafbmgsy
https://discuss.online/u/tcjqmgzd
https://thelemmy.club/u/vcnzovqk
https://lemy.lol/u/gqvnyvvz
https://lazysoci.al/u/shcimfi
https://lemy.lol/u/u0hc7r
https://startrek.website/u/uoisqaru
https://jlai.lu/u/dtxiuwdx
https://discuss.online/u/oxwquohe
https://thelemmy.club/u/iicnhcqx
https://lemmings.world/u/uzinumke
https://startrek.website/u/evuorban
https://thelemmy.club/u/dswaxohe
https://lemdro.id/u/efkntptt
https://lemy.lol/u/ozgaolvw
https://lemy.lol/u/knylgpdv
https://discuss.online/u/omnajmxc
https://lemmy.cafe/u/iankglbrdurvstw
https://lemmy.ca/u/awuochoj
https://leminal.space/u/tjrwwiif
https://lemy.lol/u/basjcgsz
https://lemy.lol/u/smkkzswd
https://lazysoci.al/u/qokpsqnw
https://lemy.lol/u/ncvahblj
https://ttrpg.network/u/hputoioz
https://lazysoci.al/u/lghikcpj
https://lemmy.ca/u/xnjaqbzs
https://lemy.lol/u/yonkz
If there were, upbotters would use it to verify that new bottling methods weren’t detectable. There’s a reason why reddit has so much obfuscation around voting and bans.
I mean if a new account or an account with no content on it starts downvoting a lot of things or upvoting a lot of things that’s generally a red flag that it’s a vote manipulation account. It’s not always but it’s usually pretty obvious when it actually is. A person who spends their entire time downvoting everything they see, or downvoting things randomly is likely one of those bots.
Could they come up with ways around it? Sure by participating and looking like real users with post and comment history. Though that requires effort and would slow them down majorly, so it’s something that they’re very unlikely to do.
Good point, but is it then possible to come up with detection algorithms that makes it hard for upbotters even if they know the algorithm? I think that would be more ideal than security through obfuscation but not sure how feasible that is
I don’t know honestly. Really, with AI it would be pretty difficult to be foolproof. I’m thinking of the MIT card counting group and how they played as archetypal players to obscure their activities. You could easily make an account that upvoted content in a way that looked plausible. I’m sure there are many real humans that upvote stories positive to one political party and downvote a different political party. Edit: I mean fuck, if you wanted to, you could create an instance just to train your model. Edit 2: For that matter, you could create an instance to bypass any screening for botters…