Twitter recently restarted its verification process, aka blue tick for users on the platform, and assured everyone that it’s back better this time. Those applying have to be “authentic, notable, and active” on the forum, but it seems like this time, the process isn’t completely foolproof.
The company has admitted that its verification team accidentally awarded the blue tick to six fake accounts. Data scientist Conspirator Norteño (via the Daily Dot) discovered that the accounts had been created on 16th July and that none had tweeted even once. Also, all of these accounts had nearly the same number of followers. Additionally, two of the profiles’ profile pictures were stock images, and others were created using artificial intelligence.
Meet @aykacmis, @degismece, @anlamislar, @aykacti, @kayitlii, and @donmedim, a sextet of blue-check verified Twitter accounts created on June 16th, 2021. None has yet tweeted and all have roughly 1000 followers (and mostly the *same* followers).
cc: @ZellaQuixote pic.twitter.com/V82Wtu0SNr
— Conspirador Norteño (@conspirator0) July 12, 2021
Norteño also discovered that the collective 976 followers also used computer-generated photos of humans and cats for their profile pictures. Of the few that had tweeted, nearly all of the tweets were related to automated Korean spam. Norteño says they were part of a botnet consisting of at least 1,212 accounts.
These six newly-created verified accounts have 977 followers in common. One is @verified (which follows all blue-check verified accounts). The other 976 were all created on June 19th or June 20th, 2021, and all follow the same 190 accounts. #Astroturf pic.twitter.com/N6kkh2DBZ3
— Conspirador Norteño (@conspirator0) July 12, 2021
“We mistakenly approved the verification requests of a small number of inauthentic (fake) accounts,” Twitter told the Daily Dot in a release. “We have now permanently suspended the users in question, and revoked their verified badge, in accordance with our platform manipulation and spam policy.”
Despite Twitter’s claim that the verifications occurred by accident, former chief of security at Facebook Alex Stamos suggests that bribery could have been the culprit.
https://twitter.com/noUpside/status/1414476280381132800
“You might have a malicious or bribed insider,” he tweeted. “Something similar happened at IG (paid off by spammers, in that case).”