Monday, November 24, 2014

A group of security professionals/online miscreants have found and themselves created thousands of online accounts to manipulate forum posts, popular news articles and mailing lists using techniques pioneered by the UK's GCHQ spy agency.

Researchers Azhar Desa, Harron Meer and Marco Slaviero of Thinkst found posts created around controversial topics such as the Israeli-Palestinian conflict were being heavily manipulated by commentary developed by bash scripts using newly-registered accounts.

Using a since patched flaw in comment platform Disqus, researchers plucked email addresses from suspect profiles used in "sock-puppet" commentary and found those in question had identification numbers in sequence, were used across the same forums, repeated comments and bumped up each other's posts.

The identity of those behind the aliases was unknown.

The fake accounts were designed as supporters of Palestine and Islam, and opponents to Israel, Syria, Christianity and US President Barack Obama.

Researchers also found separate puppet armies influencing articles on Reddit, CNN, Al Jazeera and the Jerusalem Post generated by simplistic means that admins appeared unable to identify.

"Who is this sock puppet army? It's difficult to speculate – it's a simplistic attack, so we're not sure if this is because they lack the skills set, or if they were intending to be found," Slaviero told delegates at the Hack in the Box conference last month, (slides) Digital News Asia reported.

The team, which was developing free tools to let everyone troll more effectively, used similar techniques to successfully influence popular news stories on the front page of The New York Times, South Africa's popular Mail and Guardian, Reddit, and mailing lists.

