Case 12: @rtdcs is growing a gang of sock-puppetssteemCreated with Sketch.

in #steemit-abuse7 years ago (edited)

Sherlock Holmes Header

Accusation:

About three weeks ago I received the following message:

https://steemit.com/@rtdcs
check who upvote for him
this guy can make ~100 accounts in 2 weeks...
idk man I just want to give you that pointer... i wish to remain anonymous please...

A brief look at the account back then immediately revealed that indeed, @rtdcs had created himself a small gang of sock-puppets to upvote his posts exclusively.

The Findings:

In the meantime, @rtdcs has not been lazy.

His gang has tripled in size and still faithfully votes on his continuous stream of uncommented youtube-videos, mainly from infowars.com and a selection of Portuguese vlogs.

But let's start from the beginning.

@rtdcs seems to have started as a real new user.

He identifies as "Robson", a "futurist", an "aspiring innovator and science communicator" from Brazil, who is "passionate about math, physics, computing, cryptocurrency and fintech".

When he signed up on June, 13, the first things he did was reading up on steemit tutorials. For a whole day he looked like a genuine new user on the platform, upvoting old tutorials and finding out how this all works.

The formula seemed easy enough. Content gets votes, votes make money.

Up next: plagiarized content and comment spam.

Ok, content, yeah, that's simple enough, right?!

@rtdcs' first post was a collection of generic but shiny pictures found around the internet, titled "My trip to Rio de Janeiro". Just hours later, still just on his second day on steemit, @rtdcs suddenly had the pleasure of meeting @cheetah when he plagiarized a post from viralnova.com.

@rtdcs puts @cheetah on mute

@rtdcs knew what he was doing there, but he wasn't going to let some stray kitten talk down to him, just mute that annoying fur-ball and get on with comment spam instead.

@rtdc getting called out for comment-spam

Unfortunately, no luck again, people didn't appreciate him posting the same comment over and over and he received negative feedback swiftly.

The message should have been loud and clear, post original content and have real interactions if you want to make it on steemit.

But despite calling himself an "aspiring innovator and science communicator", Robson himself just doesn't seem to have much to say. For several weeks he simply continued posting various types of youtube videos without any words of his own to accompany them. At least @cheetah would leave him alone and @randowhale allowed him to make a few bucks in rewards.

Sock-puppets to the rescue

Ok, let's recall that simple formula from the beginning: Content gets votes, votes make money.

We have established that content isn't @rtdcs' strong side, but what if he could just create the votes by himself, though?

And that's exactly how he changed the game when he opened up his first four fake-accounts on August, 25. @adepto, @scobra, @daniel35 and @laminesonko started trailing his posts with upvotes immediately and have continued to do so exclusively until today.

@rtdcs must have felt encouraged by the success and ease of this.

A week later he opened ten more accounts, four more on the day after that, two days later another 14, another ten accounts the next day, and the next day, and so on.

He has opened new accounts at least every 2 days, with up to 30 new accounts being created in one sitting. The latest batch of accounts is barely 2 days old now and @rtdcs has created at least 303 sock-puppets so far.

List of all identified fake-accounts:

@adepto, @scobra, @daniel35, @laminesonko, @timesoness, @mylunchs, @greatman, @somewhere2336, @jerryhenry, @tradingblock, @kingsnow, @davidhill, @josephclimber, @gilmen, @alienman, @ricmen, @niallcarson, @enochjun, @pensfut, @brandoleofric, @pedroper, @gervascirillo, @normanagnar, @philibert, @frankian, @paulrobert, @adep2017, @scob, @metar, @timesones1, @paulfrag, @timesone, @rikguy, @lipefre, @laminesonko21, @adeptos, @stacobra, @memes2018, @timesones, @timesoness1, @gilgilbert, @richil, @greatman1, @pierluigipiazzi, @laminesonko2, @poundman, @richardolsen, @firstman, @ivanmendes, @tisantana, @powerworld, @greatman2, @maximusvinicius, @pedrohenrique, @flanklima, @laminesonko3, @pauladepto, @supercobra, @starzan, @timers, @timestwo, @onetime, @richmans2017, @greatman3, @maximusvinicius1, @pedrohenrique1, @erikcartman, @paulwatson, @jacksnake, @metatrader, @textnow, @superposts, @rihappy, @supergoku, @awesomeguy, @maxvin, @pedhen, @airplan, @gifsbieber, @jerrybear, @h2osuho, @historiasavulsas, @espaniolabulga, @deldash, @benitobarco, @darkday, @lamisok, @adep, @metdata, @thack, @haever, @hillman, @btcmoney, @gguy, @maviu, @pedpedreira, @airpower, @justinbieberfan, @mrbean, @limsonk, @adapting, @cobras, @tarman, @mondays, @timeismoney, @greatests, @richbtc2017, @btcworld, @ethmaniac, @pedrhenr, @ltcflight, @realworlds, @jerrylewis, @paulwats, @michaeljordans, @felipeferreira, @tiagosantana, @ednasc, @paulwalker, @tiagsan, @paulrober, @palaker, @superphone, @investors2017, @stevensnow, @phonenumber, @silverproject, @powerwindow, @glasswater, @ricg, @janeperry, @justintaylor, @darrylstephens, @brandonlopestri, @danielsmith, @tonyhaile, @alexanderseaman, @robertsteele, @stevenbennett, @lewishenderson, @mathewweaver, @emilled, @kennetharana, @joying, @moneys, @herndon, @kline, @lcope, @michaelburke, @dennisgin, @karenjac, @gustavop, @andyra, @margaretw, @hazelg, @sylviabrown, @robertgrant, @peggylong, @robertwhaley, @deanmoultry, @nathanmor, @gwendolyns, @ronaldreece, @charissestrayer, @roxxanegonzalez, @crystalmos, @heathersimpson, @charleswatson, @kennybethel, @robertgood, @debbiesaxton, @gladysbaker, @arlenejohnson, @louishodges, @phillipspady, @catherinehudson, @donnabrown, @bettyriddle, @lauraabeyta, @luisabe, @fredbrady, @carmenlyle, @barbarabrown, @peterclarke, @lousantiago, @margpark, @josephgarcia, @ralphring, @larybarr, @lisatarbell, @susiebishop, @mariabeck, @leslieroberts, @ashleighval, @tommyward, @melvinwood, @stephaniegut, @chesterwri, @donaldalmazan, @stacymarrys, @emogenegray, @tatianaoliver, @jamesmcgu, @victormcc, @drewervin, @kristenclain, @franceskahn, @davievans, @rogergreen, @lisabozek, @donnychap, @nicholaslansing, @barbarastelly, @donaldfarris, @adamrosado, @johnhills, @susanowens, @charlesherrera, @valeriewalker, @williamirons, @jamesthom, @ronaldandrews, @katrinashafer, @thomasbutt, @starrdefalco, @tonyacastillo, @angmorr, @michaelhayward, @joyceforbes, @suzannemurch, @bettyreed, @verdaforrest, @enidtipton, @markford, @pajose, @micjod, @felper, @tiasant, @eduanasc, @rtcr, @michellethomp, @margaretscu, @jacksilv, @beverlykemp, @samanthadr, @laso, @lennaburt, @ptos, @kellyshock, @scobras, @maryge, @metarz, @rogerfect, @veronicawill, @suzgodin, @josguz, @isibrek, @tareva, @davhunt, @thomaswash, @teste, @barbriv, @martys, @prisluc, @roncol, @veryou, @stegrif, @gerath, @cathmurr, @willfow, @doroma, @ellenlan, @carlosbar, @aprilrob, @mayrob, @francon, @bettros, @delmun, @garthay, @beattay, @patlop, @wiholl, @jozar, @robstr, @rhic, @fritzd, @terrim, @rodolfoarm, @barbfink, @heathermull, @mpear, @francescook, @nicolenel, @moracars, @dianbow, @howardtoo, @pilarduran, @jabo, @ruthtuller, @melwhite, @ambermarch, @carlboyd, @ralphkline

It's reasonable to assume that he's already opening a dozen new accounts while I am still typing this post.

Bottom line:

I have started flagging away some of the pending rewards on his posts, but my voting power is by far not enough to counteract the dollar his 303 sockpuppets create on each post.

Also, he has managed to rise to a 61 reputation score already. It will require an even more reputable account flagging him in order to reduce this certainly undeserved score.

Your help will be much appreciated, either by removing a few cents in rewards on hist posts younger than 7 days, or, if you have the means, by leaving a dent in his reputation.

yours,
Sherlock

P.S.: I had contacted @rtdcs ~36 hours before releasing this post when I first started flagging him. I notified him again after it was published and in the meantime he did get in touch. Of course, he claims that he does not own these fake accounts. In contrast to most other cheaters I have accused before, he was actually civilized, reasonable and pleasant to talk to about it. He claims to be the victim and not the source of his voting trail. Despite the already more than obvious situation, I did check a few loose ends to see if maybe the account creation cluster's history lends some credibility to this, could someone be creating bots, trailing an innocent steemian, just to troll them and misdirect community vigilance? If that was indeed the case, then @rtdcs would be an exclusive victim. The account creation clusters are sound and consistent and don't show any suspicious "sibling" clusters. If he was targeted with this by someone else, then he would be the only victim. Let alone the facts that he is using his own posting rhythm and style to maximize the efficiency of his voting trail, stopped using voting-bots just prior to growing his own trail, etc, etc. After all, I am still convinced this is his own work at play.


Please ReSteem for Visibility

Sort:  

Flagging is one thing, but I hope that Steemit, Inc has a process to review these findings and revoke their SP delegations on any abusive sock puppet accounts.

Hopefully this will be addressed in the next hardfork, though that seems long overdue, I'd expected it sooner. Steemit Inc. was supposedly working toward a system where new accounts receive a permanent bandwidth allocation which would allow them to interact with the blockchain as a normal user would - instead of receiving the delegated SP required to do so now. Essentially new account should start with 0 SP, removing the incentive for this type of situation.

Bryan, how much SP do new users start with? I guess you are right that a 0 SP starting point for new users would encourage those users to interact more with users with SP perhaps. So, I am thinking your idea may be better than maybe some of the alternatives.

Currently users are given very little SP, (1 or less I believe); but they are delegated approximately 15 SP from Steemit Inc. in order to give them the necessary bandwidth allotment to function relatively normally with the blockchain. This delegation then dwindles as a user earns their own SP until it is taken away, it’s use fulfilled.

That system is a big driver for abuse, particularly at large scale. 1000 fake accounts amounts to 15,000 SP delegated which is substantial. The thinking is a system which allows interaction but begins a new user with a vote weight of 0 removes this “attack vector.”

It’s also unsustainable for every account to need the initial 15 SP. Currently there are only about 250 million SP in existence. That would cap the user base at under 17 million people. A big number, but nowhere near the scale needed. So there are still big changes ahead to the basic principles of account creation.

Yes, this will be in HF20 to deal with large scale onboarding of new accounts. Hopefully it comes soon to slow this down.

There are quite some arguments to be made if this will indeed fix the problems. While it certainly does remove some of the incentive (the free voting power delegation) it does not fix the problem of creating fakes and the base bandwidth might be a big floodgate for spam.

We'll have to see how such a fundamental change will play out, but at least cheaters won't get a free stake to use in their schemes.

Agree on the spam issue. Having bandwidth limitations was one of the great features to help mitigate spamming. It made quality interaction actually somewhat necessary to get started - and that was one of the draws for this platform (which has been all but lost at this point).

I never understood why catering to low-quality users was preferred over the alternative.

One of the reasons bandwidth became an issue for new users was due to the payout period being changed to 7 days. When you have to wait that long to see your first rewards trickle in, it makes overcoming bandwidth limitations much harder for people eager to interact. It's another one of these changes that were made without properly evaluating the potential consequences and understanding the coherence of the original protocols and vision.

But they just kept plowing ahead without worrying about the effects of the changes...even after-the-fact, when abuses became much more rampant and lucrative. At this point, I have no expectation that anyone actually cares to restore protocols that were both purposeful and effective.

If I'm not mistaken Dan warned everyone against the changes in HF19 for the linear rewards issue too. Giving bigger (relatively) vote power to us smaller account too. All of it together kinda help breed this incentive to scam the platform.

I am staying positive that over time the issue will be corrected, learning as they go along, Steemit still is "beta" after all.

I wish I could disagree!

I have seen zero evidence that they 1) care about these things that occur with their delegated stake and/or 2) have any plans whatsoever to help mitigate it by undelegating.

They will likely just say, "You can downvote them."

Problem is - those downvotes cost you potential rewards because of voting power wasted on cleaning up their inefficiencies (messes).

They did remove abused delegations a couple months ago.

@transisto and @personz reported abusive accounts somehow and @transisto said they got timely results. I don't know how the accounts were reported, though.

There really should be a published process for reporting suspected steemit delegation abuses. That's a slightly different case from someone voting their own steem power from multiple accounts.

You know, our words have the power to change this. If a horde of accounts start criticizing steemit for it, I believe they will do it because of the pressure.

I would hope so, too, but it seems there isn't much attention being paid to this.

Even accounts that have been identified as sockpuppets 2 months ago still hold their sign-up delegation!!

Grazas por esta útil información para a comunidade de escrita en #portugues #pt.
Be lucky.

You're welcome! And indeed, this is relevant to the #portugues community, maybe I should add that tag?

@sherlockholmes, you can use "pt"our tag that is from the portuguese community. Thanks for the feedback about @rtdcs.

I've decided to leave the tags as they are, but I am glad to see someone from the Portuguese community has already picked up on it.

Thanks!

99% of his blog are now grayed. @ats-david had done quite a lot already.

I can't way for the next HF so that account creation aren't so easy to abuse.

Oh wow! Great work to you and @ats-david.

Do we know how people are creating lots of accounts? Do they get past the Steemit team or use Anonsteem.

We need someone with a lot more SP to deal with this sort of thing.

Unfortunately, they are going through steem, likely with temporary phone numbers for the sms-verification.

As in almost all my cases, they are simply exploiting the steemit sign-up process with fake credentials. And that's also how they get their initial voting power, delegated by @steem!

Using anonsteem would require an actual investment, cheapskates like these take the free route!

I guessed they were not paying for it. Steemit need to filter out fake phone numbers

Unfortunately, that's probably almost as impossible as filtering out fake emails.

Does Steem use browser fingerprint with a machine learning component. It's very hard to keep a truly clean session and spammer patterns can be found quite quickly.

Looking at how much the steemit.com sign-up process is being exploited, I sometimes doubt that there's anything being checked at all!

Guy, are you still active here?
I need your expertise.

I know it's hard, but other sites have dealt with this too. I do wonder if all accounts should have to be paid for. Even a few dollars would deter such behaviour. I know that's an obstacle to poorer people, but Steemit could get overrun with such 'sock-puppets'. I just don't have the answers for this.

I'll probably discuss this with folk at Steemfest. It's an important topic

I think the proposed change in HF20 does have some potential by creating new accounts with zero voting power but a minimum allocated bandwidth without available stake instead.

At least this does take the incentive out of mass creating new accounts, but I am certain it also opens up some new exploits of its own!

I think there is plenty alternatives to charging people. The would deter most new users.

Perhaps we need an account that we all delegate to that can quash these thieves? Or delegate to Steemcleaners?

No need for us plankton and minnows to delegate anything to steemcleaners.
It is already strong enough to quash these thieves with no action from us except informing it.

You can do this from the Steem API or CLI using your account keys, I created one like that for testing SteemConnect. Every account shows which account created it though, if I remember correctly, so I presume that's how this case was identified?

EDIT: Wrong though apparently ;)

I've seen that there is an Anon setup for new accounts, for people in countries that can't do it the usual way, so someone could step up as many as they wanted this way I assume.

You have to pay for that service. 10 Steem at the moment I think. Not a great way to build a bot army. We need Steemit to detect fake accounts better, but it's not easy to do

6 Steem currently.

I agree there does need to be a better way to detect fake accounts, but those intending to break rules or cheat a system are usually pretty good at what they do.

I would imagine you could do it with a VPN and a few fake Google email addresses. People do this sort of thing for Facebook accounts all the time to create "like farms". I can't imagine it would be much more difficult for Steemit. Once you have the accounts the Steemit API would make manipulating the account actions easy.

So are you saying that someone with a reputation over 61 needs to flag this account for it to affect his reputation?

That's correct! Flagging with a lower reputation will decrease the payout of the post, but it won't affect the poster's reputation.

Thanks!
Will it affect the flagger in a negative way if the other person has a higher reputation?

Yes, if flagged by a user with higher rep, it will both impact post rewards and the reputation.

Thanks for your reply. I obviously phrased my question badly - I meant does the person flagging with the lower reputation get affected negatively for flagging someone with a higher reputation?

Oh sorry, I didn't get that. You phrased it just fine, I simply didn't read properly ;)

Will it affect the flagger in a negative way if the other person has a higher reputation?

No not at all! It won't have any negative impact on the flagger's account.

Flagging does use your voting power for a downvote just like an upvote would, but that's all there is.

Oh cool. Thanks for explaining that.
I thought I'd read that people flagging someone with a higher reputation could end up being worse off for it.

Thanks for all you do. It's most needed and appreciated. :)

You should consider it when being alone and flagging someone who is higher up in reputation, because their potential retaliation would be very dangerous to your own account.

In a situation like this one right here, where you clearly have other users in your back, such consequences will easily be negated!

Im a few points away lol, so close, but not enough to damage the rep.

It affects us by wasting our valuable voting power. I'd happily donate my account to flagging these folks, but I'd have to be paid for it because it would mean I'd lose out on curation rewards.

Oh thanks, I understand it now. thanks for your comment.

Flagging anyone has a negative effect on the flagger as it consumes the flagger's voting power which can be used for gaining author or curation rewards or self rep boosting.
A flag has a positive effect on the value of Steem as it helps preserve the rewards pool, but unless the flagger has a considerable portion of all Steem in existence, the negative effect surpasses the positive effect.
If you referred to an automatic decrease of the flagger's reputation or steempower, then the answer is no.
Retaliation by the flagee does have a negative effect on the flagger.

Thanks for all your information, I understand this much better now.
I appreciate your advice.

So we still should flag his posts down even if we don't have that much reputation? Just to bring his rewards down? Never flagged anyone before but nobody likes cheaters 😠

It's a hard one dude. You flag the wrong person then you could get into a flagging war and they could start digging into your earnings especially have a lot of money behind them. I think this is where the whales that no longer contribute to the platform should delegate their power to people like @sherlockholmes and @steamcleaners so they can do more. As you say no one likes cheaters.

I thought about that but it's not like I'm going to get rich from this anyways 😂
I just don't like cheating.

Yes, just shaving off some of the rewards will already be a punitive measure for the cheater and also protect the reward pool from this abuse.

Well I started flagging some of the posts beginning with the ones that are 7days old and went upwards but this is a busy dude, lots of posts every day...

tips hat

Thanks for the support, and yes, he is making the most out of his sockpuppet gang... 10 posts a day to keep the voting power usage at maximum efficiency!

I went through most of them now. You keep up the good work @sherlockholmes

tips hat

thanks for the support!

We need another purge night with stellabelle :-)

Well... I'm sure there will be plenty more opportunities for those as well.

Sorry to ask, as you may have detailed everything before... but I was just curious what other accounts/initiatives you regularly work with - and where you feel it would be most beneficial to delegate power. Do you run a bot of your own, do you only flag manually, do you feed all these account names to sadkitten or steemcleaners to blacklist, etc? I'd like to make at least a small donation of delegated power and I'll gladly place it where you advise.

You can delegate to @sadkitten bot, it is where list like above are being added.
The voting power is always being used.

No, thanks for your inquiry! I don't think I've detailed this anywhere yet.

I am losely affiliate with the @spaminator initiative. I do further submit lists of fake accounts or abusers to @sadkitten and @steemcleaners/@cheetah when appropriate.

I do not run any bot of my own, I am ethically inconclusive about doing so. For now I do insist in making all my flags manually where I see it's 100% appropriate. I believe the "human element" to be of importance in my work and hence my activities should reflect that.

I further believe it is important to keep an "organic" component in the growing automated abuse prevention initiatives which can become a case of abuse in themselves if they get too centralized at that. Hence I am also reluctant to refer any particular one to delegate to.

A few (well, two actually) steemians have delegated some power to myself proactively. I do not advertise for delegations as I insist in being an independent investigator. I will not agree to any sort of financial agreements and in general I would prefer to have active community support when it comes to flagging abusers.

I use my voting power for rewarding engagement on my posts, flagging abuse and upvoting vigilant steemians, pretty much in that hirarchy.

Sorry if I can't supply a distinct recommendation or pledge here, you'll just have to follow your own moral compass!

No need for us plankton and minnows, not even you dolphin, to delegate anything to steemcleaners.
It is already strong enough to quash these thieves with no action from us except informing it.

It is behavior like that with nearly 0 punishments for it that lead me to believe Steemit can only ever be a temporary platform. It is the first generation of block chain social networking. There will be a better one soon enough that will be aware of these sorts of exploits and work to prevent them.

I understand your sentiment very well. I am curious to see how this platform and the ongoing problems will develop as it continues to scale and I agree, there's a lot to be learned from the things happening now, to either incorporate in the development of this very blockchain or alternative projects.

Agreed, but meanwhile it makes sense to do what we can for this platform. The work that people like you are doing to protect and sustain the integrity of this platform is very beneficent and I for one appreciate your efforts (I imagine others do too).

I flagged his last two posts with 100%, but his reputation is still at 61.?

Yes, I am not sure exactly, but I think your reputation needs to be something like 5 scorepoints above that of the flagged account to impact his reputation.

Thanks for the support, though! Much appreciated!

oldtimer you are doing the same thing as him, circle jerking.

You might want to have a look at a user by the name of "tibizness" as well (ampersand left off to avoid notifying the user). Specifically, have a look at the wallet transactions. Aside from the usual paid for upvotes, there transfers to a number of sub accounts that seem to repost photo content from the web.

tips hat

Thanks, I've added it to my backlog for later investigation!