3. We used sock puppets in /r/netsec last year (and are sorry we did)

We used sock puppets in /r/netsec last year (and are sorry we did)

I worked out a method to build a bot network to game reddit with. I have not implemented this, so I can't be sure what the results would be.

You want to build up an arsenal of accounts that have a good amount of karma so they don't look like bot accounts. You also want to route them through various proxies to hide their true IP origin.

Starts off with some manual work to get the accounts set up, but you could also use a service like death by captcha to get around bot checks and automate account generation and karma building.

To build up the account karma, automate the process of reposting top posts from 3 or more years ago. You don't even need to change the title, the suckers on this site will still upvote it, and you'll probably have some people calling it out in the comments but it doesn't even matter.

I suspect this practice is already in use because I see it pointed out quite a bit.

You can work the accounts together to get the comment karma built up on them. Use the others to post the top scoring comments from the reposts. Reddit will predictably upvote the comment.

You can repeat this many times, and within a short time you could have thousands of accounts at your disposal with karma in the 1000's.

You also want the accounts to appear as human as possible. So they'll need to browse and vote on things randomly and at certain hours of the day, not around the clock.

So, each bot will be a node operating through a proxy on its own IP that will run the human behavior patterns while they're idle.

They will all refer to a centralized directive controller that will command them to vote on certain things, which they will do at a well spaced interval, not all at once, to avoid detection. But within an hour or 2 your thousands of bots should cast their votes and you could cause the vote direction of any post or comment to sway significantly.

The only thing you really need to set up a vast network like this is resources, and time.

I imagine someone with sufficient motivation and money could pull this off.

You will need a centralized

/r/netsec Thread
Previous
Next

Recently removed from /r/netsec

Tracking Anonymized Bluetooth Devices via BLE security flaw PoC || GTFO 0x19 (Github Mirror) /r/netsec's Q1 2019 Information Security Hiring Thread The /r/netsec Monthly Discussion Thread - December 2018 /r/netsec's Q3 2018 Information Security Hiring Thread Simple hack bypasses iOS passcode entry limit, opens door to brute force hacks Google bug bounty for security exploit that influences search results Cybereason RansomFree detects and blocks WannaCry using behavioral based detection (video link, details in comment) PINs and passwords can be stolen just by watching the way a phone tilts Bella: A pure python, post-exploitation, data mining tool and remote administration tool for macOS. 2015 Vice article reveals Spotify allows for brute-force password collection. There is still no login failure/password reset to this day. More details in comments. Cryptkeeper Sets the same password "p" for everything independently of user input /r/netsec's Q1 2017 Information Security Hiring Thread A Formal Security Analysis of the Signal Messaging Protocol [PDF] Warberry Pi- Tactical Exploitation

More Random Comments

Got a few messages asking me to upload a video last time (link in comments). I'd also love more trusted/intermediate rater input this time, but all advice/ratings are appreciated. A UK politician is pushing for food to be given “eco-labels” as a low-cost but high-impact way to cut the UK’s emissions. What's your early prediction for summer servants for 2023? Who would also be a craft essence feature? Bostonians who make 150k+ a year, what do you do for a living? Electricity Bill New rule as it relates to scorpions that shipped with braces already on them. 922(r) Boyfriend is going on a guys trip to Thailand and I'm worried (31m, 28f) ‘Avatar: The Way Of Water’ Swims Past $2B Worldwide Has anyone eaten at Kona yet? Australia buys ‘potent and powerful’ sea mines to deter China [WTS] Streamlight TLR-1HL SD wedding invitations went out, true colors revealed. Family faces $450 a week jump in homeloan payments Mom’s hearing has gotten really bad and I’m not sure what to do Help