Case 9: The @ecoworld conspiracy - identifying 4,766 + 1 cheating accounts

in #spaminator7 years ago (edited)

Sherlock Holmes Header Follow The Money

Accusation:

It is not really an accusation this time, it is more of a known fact that @ecoworld has abused the reward pool. Many users have approached me about this, well, not this incident specifically, but more on that after we get to the conclusion.

In order to bring more awareness for the severity and extend of ill-intended reward farming on this platform, I am looking into an old file today. Also, it's @ecoworld's 1-year anniversary on steemit today, what a great moment to reflect on their history.

Some of the things I will present, may be well known to many of you, but, I hope I may be able to connect some dots that have not been visible to some of you until now.

I'll also show some big numbers, because I know those are impressive, right?

The Findings:

Let's start with what is common knowledge about our birthday boy.

@ecoworld's history

Despite the old age, the account had only posted three times in it's early days, after that it remained completely inactive until July, 5th of this year. On that day, they started a major comment-farming operation. Quite simply, they were posting numbered comments under their old posts, self voting them with an army of fake accounts. The first one to notice this, only two days into the operation, was nobody other than the legendary @ionlysaymeep.

ionlysaymeep discovers ecoworld

Unfortunately his "meep" wasn't heard by anyone, so @ecoworld could continue doing their thing, continually growing, upvoting comments for up to $7.90 each:

high paying comments by ecoworld

It would take another 10 days before @neoxian and @someguy123 stepped in and started flagging down the post rewards:

finally some flags on ecoworld

With enough flagging, continually reverting the rewards to zero, this money grab was eventually stopped. The culprit wasn't going to keep wasting their voting power just to see all rewards flagged away.

As the operation was only stopped after running fine for 12 days, @ecoworld was able to collect 364.690 vested SP and 401.334 SBD to-date. They have exchanged all their SBD to STEEM, which they vested for Voting Power and are now currently in the process of powering down 701.490 SP. This doesn't sound like too much, but be patient, I have some bigger numbers for you later on.

The Importance of Flagging

I want to take this opportunity to make an intermission for an important statement about something that I see being debated quite frequently.

Flagging is not just a tool for hostility or censorship, no, those downvotes are an important defense mechanism for the steem-economy. If flagging was not an option, a scheme like this would continue indefinitely and grow exponentially, taking money out of the reward pool that would otherwise go to legitimate authors!

Also, those who do the flagging, they are giving up the returns they would be able to gain from their upvotes in order to protect the communal reward pool! So please, a legitimately used downvote is something good, important, and healthy for this platform!

Of course, downvotes can be abused, but, if there's one thing we can learn from @ecoworld, so can upvotes!

Get over it, yes, flag-wars are ugly and childish, but flagging is not the problem here, the problem is abuse of power, and it happens with upvotes, just like it happens with downvotes!

On with the conspiracy.

@ecoworld was not alone, a little later @aleksphoto made the stage.

Just a day after @ecoworld's operation had been stopped, on July, 18th, @aleksphoto started preparing the exact same thing @ecoworld had done. @aleksphoto was never stopped by force, they waited until shortly before post payout, kept selfvoting for a day and stopped the operation immediatly after a single voting streak on July, 25th. @aleksphoto is currently powering down 340.123 SP.

This coup was being well coordinated. Our next players entered the stage right immediatly. E.g.: @yantarik started it's prep-work on July, 20th, the voting started 6 days later. This time, it did not go unnoticed, though! After just 6 hours of voting from the bots, @blueorgy, @ausbitbank, @nextgencrypto and @followbtcnews stepped up to again nullify all the ill-gotten pending rewards. If you want to know more, @ausbitbank had posted a PSA about the situation back then.

Am I boring you already? I know, all this is well known and documented! Where's the conspiracy promised in that clickbait-title?

Follow the Money!

This should really be called the @dart conspiracy, but that didn't sound as good and it would have given the conclusion away.

If you look at the wallets of our aforementioned comment farmers, you'll see they are powering down, but you might wonder, why does the STEEM never show up in their wallets?

We are able to see a bit more about those withdrawals on steemd.com than on steemit.com:

an ecoworld withdrawal as displayed on steemd.com

There's a little know feature called "withdrawal-routes". It is possible to set up an account in such a way, that when it powers down, all the STEEM gets credited to another account directly. This is why the farmers' harvest seems to disappear. All their money is going directly to @dart!

The Bottom Line

Let's see those big numbers I've promised you earlier!

@ecoworld certainly isn't alone, it may be the biggest account in this operation, but there are in total 4,766 active withdrawal routes, all pointing to @dart.

dart's withdrawal routes

And while the money collected by a single farmer, even by the biggest one, didn't look that impressive, @dart's bottom line is indeed worth raising an eyebrow.

Dart's wallet currently holds 11,850.794 STEEM, and looking through their transfer ledger, a whopping 67,608.546 STEEM have already been extracted, mostly through poloniex.

total damage so far: 79,459.340 STEEM !!

and some 5.748 SBD just to be precise.

That's only the sum in @dart's hands up to now. The army of accounts hasn't even completed powering down, yet! The total damage will continue to rise!

The Present Situation

and what can we do about this?

The large scale comment farming has stopped, it was too easily detected. The majority of the bot accounts have started voting on random posts, this is why I have been approached about this multiple times, people do get a bit concerned when a hundred small random accounts start voting on their post. So this self-rewarding comment-farm largely seems to have turned into a curation-farm? Yes, for the most part. Hey, at least you can get lucky and see some random upvotes.

The network still does vote on itself in some minor cases, they have resorted to a maximum of 200 votes on a single comment and usually the reward per comment stays below the $1-line. @sadkitten is doing an amazing job at recognizing these self-reward attempts and countering them. But @sadkitten is just one kitty against many thousand rats.

The platform needs urgent support on this front! Stopping an operation like this with only human intervention is a battle we cannot win! Support @sadkitten and the @spaminators or build your own initiative if you have the capacities.

This is a decentralized community economy, and we must protect it as such!


I will dedicate more of my time to look deeper into this tangled web.

I have identified some leads and I am already on the tail of another few thousand bots.

But for now, I wanted to leave you with this, for awareness, and with hope to create more engagement!

yours,
Sherlock

-> CASE 9 APPENDIX: list of accounts and transaction ledger <-

  • I already broke some of your thumbs when I shared ~1,700 accounts in case 7, so today the list of accounts posted separately is posted separately by my assistant @johnwatson, it's linked above.
  • The list has also been fed to @sadkitten, it contained 3,077 previously unlisted accounts.
  • The transfer ledger of @dart does not display correctly on steemit.com. I will have my assistant include a summary of all outgoing transaction in his post, too.

P.S.: Writing this post took a little longer, so my birthday present to @ecoworld is a few hours late, I hope you will forgive this factual innacuracy.


Flagging is Important!

The reward pool needs to be protected from scammers and abuse!

The community must fight against spammers and scams!

please share your thoughts

Sort:  
There are 2 pages
Pages

What I miss here is mentioning the obvious: large amount of bot comes from @noganoo and @ubg - abusing squatters and spammers that are hurting the platform.

The links to those infamous friends will probably fill several posts of their own!

Thanks for adding this to the picture here.

Can someone please upvote this for visibility?!

Can someone please upvote this for visibility?!

i try. well...

This is a Russian network of scammed accounts, possibly related to steemitmarket.

What amazing findings you are sharing with us! Thank you, I am enlightened a bit more now. ;)

Talking with another important individual on this platform about abuse of all sorts, we both came to the conclusion that Steemit should probably have an "Account Downvoting" system where such abusive individuals are givens less and less power to do what they do to our platform.

If we let the baby baobab grow, this could easily become one of the toughest phenomena to cut down...

All for one and one for all! Namaste :)

Almost 80,000 STEEM, you say? And I'm always being told that the abuses and exploitation isn't that big.

This is from one operation. Many others have already been found. How many were not? How many are currently happening that haven't been discovered yet?

Right. The blockchain protocols don't affect any of this, I'm sure.

Almost 80,000 STEEM, you say?

That number doesn't even include the remaining SP on those 4766 accounts!

yeah, it's pretty horrible, isn't it.....rewards for those who do basically nothing.

@sherlockholmes, thanks for advocating for our community. I appreciate fellow Steemians who are willing to stand against this abusive accounts and flag them.

Honestly, I still feel a bit skittish, because I fear retaliation. I hope to grow in influence so that I can also help with these concerns.

Don't flag if you feel like you will be overpowered in retaliation, it's not worth the trouble!

You can always seek the assistance of @spaminators in case of spam or @cheetah when you see plagiarism and/or impersonation and similar offenses!

 7 years ago  Reveal Comment

Only those with administrative access to @cheetah can.

Everyone else must report cases via steemit.chat or discord, or hope that a mention is noticed.

 7 years ago  Reveal Comment

@berniesanders wasn't only flagging @noganoo. I am unaware that @dan specified the reason for the flagging. @krnel may have more information than I.

Hi, man! I've noticed something interesting today. It is a lot of posts which contains only 1 image without any explanation. I catch them on posting 2 similar pictures from different accounts (clover photo).
All of these posts were made by 5-6 users and after passing some hours Upvoted to $2-3 by one user -tard-. Isn't that an abuse for Steemit reward pool?
I checked his page, last wallet history, posts and comments under his last post (300 comments from only one word). This all was interesting for me but I can't dig deeper using only my mobile app. Can you take a look? Thanks.

Added to my list, but my backlog is long, please don't expect quick results.

Thanks!
How do you think, can your =Dart=and my =Tard= be the same PERSON (anagram)?
Two days ago, maybe after my reply to you, he changed his voting strategy and started powering down. Now looks like he has more than 60 voting bots with delegated SP. Is it legal?
Sorry for lots of questions, but I don't know anybody else, who can check this abuse.

Sorry, my desk is cluttered, I hope I can look into this soon!

Wait, I do not get it, why don't you just create like 5 accounts and have them upvote each other. Then, no one can tell easily.

Well, that's what they did, only at 1000-fold magnitude, but you see this in much smaller clusters, too, of course.

Awesome post, I really enjoyed it. I hope you appreciate the vote!

“I must thank you,” said Sherlock Holmes, “for calling my attention to a comment which certainly presents some features of interest, but I was exceedingly preoccupied by that little affair of the Vatican cameos, and in my anxiety to oblige the Pope I lost touch with this conversation.”

Users will find it strange to see that I support you!
Because I'm on the black list with cheetah!
Good job! you sent it to me a few hours ago, but I just read it. Was at school! and finally had a little sleep
I share with my friends!
resteem

I do keep my eye out for calls for help in flagging abusive posts, particularly from Spaminator, but I'm definitely leaning toward donating delegated power as well. Who is developing and controlling the sadkitten bot? I'm having a hard time keeping the various initiatives straight.

Anti-abuse Ai - if you feel you have been wrongly targeted please contact @personz via Steemit mention or on steemit.chat

I didn't know about "withdrawal-routes". I checked the top curators from the past 30 days on SteemWhales and I didn't understand why almost nothing is shown in some of their wallets. I think this is explained by "withdrawal-routes".

Sounds very much possible. Maybe I should take a look from that angle also!

Mother fuckers... I had no idea this sort of thing went on! No matter what small corner of the earth or in this case the web there will always be someone two steps ahead taking advantage of a system to basically steal money.

Wow, those are a lot and lot of self-upvotes. I think steemit really needs to have a check on multi-accounting. I have heard early birds were easily able to create multiple accounts, that should be corrected somehow.......

Multi-account use is perfectly fine and legitimate in many cases. It really depends how such accounts are used.

As long as accounts provide a service, or distinction in use I think it is perfectly fine to run multiple handles.

Only if such networks are used for obvious cheating or if individual accounts are running under the pretense of being real individuals does it get problematic.

Shame on all those @ionlysaymeep's haters. They better recognize how awesome he is 😌
MEEP!

just talked about @ittrex

I found an account that does stuff like that...

@alfredoheck he got comments ready to do the run on them again...If I'm not wrong.. but surely you could find a trail to some new scam account...

@alfredoheck luckily has already been busted by @adm, his standing comments are a month old and past payout.

But your observation is correct, this was happening under the same scheme.

Thank you for your work! tip! 0.5 hide

Thank you!

tips hat

@sherlockholmes, first off thanks for all the work you do for the community!

With these "nets" being (potentially) worth as much as you are reporting here, I can't help but wonder how many of Steemit's "inactive" accounts (i.e. account created but never used even ONCE) are actually "sleepers" that can come to life at a moment's notice?

Which begs a secondary question... of whether it should be written into the base code somehow that "unused" accounts are automatically purged from the system after 3 or 6 months of never having been used. Purpose would be two-fold... genuinely abandoned accounts would stop taking up database space and "sleeper" accounts might force their owners into visibility, so they could be dealt with.

automatically purged from the system after 3 or 6 months of never having been used

This sounds like an interesting thought and I hope you will carry this discussion on!

happy to upvote and support more investigations -- rock on SH

Wow, I reareally enjoy these pieces. Not only for the way you expose abuses of the system, but your writing style is very dramatic. At least in the way you presented this piece, and I mean that in a good way!

I just gave @sadkitten and @spaminators a follow so I can begin to support them for the service they bring to this platform. Thank to everyone helping pretext the reward pool from abuse!

I must admit, this amount is much higher than I would have imagined. I do wonder how many botnet upvote farms are operating that no one has caught? How do you catch these things?
I cannot imagine Steem without your hard work. Thank you for magically appearing one day. You're one reason I have faith in this ecosystem....@patrice too, as she worked hard every single day for us!

How do you catch these things?

Steemdata and a curious mind!

Thanks for your support @stellabelle.

tips hat

I have been wondering about a lot of strange very small votes that dont come from humans and never comment on most of my recent posts - you can check if you have the technology - i wouldnt know how too

Wow, fantastic finds. I do not know what @ecoworld thinks by voting in its own comment. This is really a greed with a very unbelievable number.

And I found more and more discoveries that voted in his own comments. If this is an abuse, then it should stop immediately.

Thanks to @sherlockholmes, who has done this great job.

Great stuff. It's good to know there is some effort to counter those who are exploiting the system.

I have some data skills to assist and can also contribute with a small delegation (steemconnect is rejecting me at the moment). This work is really important to the long term viability of the platform.

If you want, you can get in touch with me on steemit.chat -> @sherlockholmes.

"No user with username "sherlockholmes" was found!"

I don't like steemit.chat much. Do you Discord? There is a new one called SteemDevs that might be suitable? I am also on the MSP Discord.

Judging from the amount of people messaging me on steemit.chat, it cannot be that hard.

I know that flagging is important , but I have never used it. Because I do not know what happens next. For spammers I use it next time.

This is very interesting. Unbelievable how much abuse is being done on steemit.
As a new member, such info is important for us to avoid being scammed to paying what little we had to get upvotes only to find that they are a waste of our efforts and money.
Although a bit late, I am glad to hear about @ubg being a scammer. Although I noticed something fishy, I still wasn't sure about it.
The story is that I have started an initiative to share any SBD payouts I gain with all upvoters of my posts. True to my word, I did and I noticed that I had few people upvoting regularly, which nothing wrong with it of course.
As another initiative to help fellow minnows, I started visiting these people to upvote some of their posts as a thank you and as a mean of support (although my SP is low). Doing that allowed me to notice that some of the upvoters were either not active at all or haven't been active for a long time. @ubg was one that was not active regularly but always appears with another acount @nrg that was not active at all..
Hearing about all the scamming that happens on steemit, I decided to change the rules for SBD sharing to encourage real people to comment on the posts, to deserve their share and to increase human interaction.
Of course, I haven't heard any comments from some so far, including @ubg or @nrg.

Thanks again for sharing this important info.
Please keep up the great work to stop such abuse from growing.

I notice in the last 3 month I have many new followers they all begin in June, July and August around 10 new followers per day. Many of these account doesn't post anything few have some up-voting power, but if you look into their wallet there is nothing. Is this the same kind of abuse? the last 3 month you can feel a big change in Steemit it is really full of accounts which are not posting anything. Can you enlighten me?

There are thousands of new accounts that follow similar patterns. Following at random is often done to create a follow-back audience. When an account has gathered enough follower you might eventually start seeing it doing spam attacks.

But really, there are more schemes than one can count in which these "empty" accounts are involved, time will tell!

I have to wonder if the scammers will prevail in the end, by their sheer numbers & bots. I also wonder about Marketers too.

I understand your concerns! Absolutely!

The only way to combat this quite possible bad outcome, the community must become more vigilant.

I certainly hope I can shake some people up!

Someone from the @steemitdev @steemit @steemitblog @teamsteem should give a bounty to Sherlock for such great work.

I don't work for Steemit Inc. I'm just a normal user. I already give this post 100% upvote.

Thank you for clearing the confusion and sorry for bothering. I saw your upvote at the top.

This is really good work. I don't know why Ned or Dan or Steem Inc don't give you some delegation.

Well, in a way they give delegation to all these bot accounts, though!

Sad story.

I am curious. In what way do @dan and @ned delegate to these scammers? I am sure it is not directly.

No, not directly, what I meant is the sign-up delegation that is included in the account creation process through steemit.com.

But that delegation could and should be canceled. Which it isn't.

Great job reporting this fraud. I have never flagged a post in the year that I have been a member. I am reluctant because of the flag wars. I think it's time to change my thinking.

Does it make sense to have a committee of members that have common sense to flag these crooks? I think flagging gets out of control in an uncontrolled environment.

I commend you considering your stance on flagging!

I think flagging bot accounts does not need too much control! Of course, when dealing with humans, it always makes sense to talk to the culprit or other related community members first!

There are several "committees" of people flagging in serious instances, but those are naturally all coming from social cliques or established services like @cheetah.

There are so many posts that I would like to flag lately. The ones with a picture or video with very little else, the people that post more times than you can count every day, the spam comments and repies, the ones that ask for upvotes - follow - resteem with no other content, etc.

The problem with flagging is retaliation. There are so many that deserve it.

You're doing a great job, @cheetah, etc. If I
could make the call, there would be a Steemit police dept. 10 or 15 paid members to weed out the crap. 10 or 15 that don't have to protect their reputation that can flag the hell out of some of the abusers. I would make you in charge, with a nice salary. It would be worth it to the community, because you and your team would save the overall community money, money that could go for the quality posts.

Thanks for forwarding so much trust in me!

tips hat

But remember, I am also just a single individual, this must be a decentralized community effort, there should not be "one in charge".

I get your point. You are a good detective though! I appreciate your efforts. You are definitely a plus to the community! I followed you.

" If I
could make the call, there would be a Steemit police dept...."

In a voluntarist society, which Steemit is, you CAN make the call. Just make the call. Start doing it. @sherlockholmes is overworked, and there are others with similar skillsets that may be willing to participate. @paulag is an Excel expert and has done some detective work, if you have a look at her posts.

I reckon folks are happy to support such good work, as is apparent from @sherlockholmes upvotes on this post, for example.

If only my downvote had the power to do some serious damage. I'd start flagging some of these lowlifes with a vengeance even though I told sherlockholmes yesterday flagging makes me nervous of reciprocal actions.

I think the most important thing the community can do is upvote and resteem @sherlockholmes and @cheetah so that more people are aware that someone cares enough to try and do something about these problems. I see a few people moaning about unfair practices including spamming timelines it's those very people who should be following and interacting with the likes of sherlockholmes.

I'll collect my promoters fee later, usual method used tenners in a brown paper bag around the back of the bandstand. ;-)

I agree in that there has to be an equivalent deterrent although this goes against the wave this economy. therefore I believe it would have to come from steem itself in order to have a large enough effect. I can also imagine that an equally negative voting power associative to our voting power would be beneficial..

I think a lot of people are scared to flag larger accounts for fear of retaliation. What we can do it to delegate some SP to those doing the good work. I expect that's less likely to be traced back, although it's possible to do so.

Milking the system without adding anything useful is very harmful to Steemit. I'd hope that a growing population of dolphins will result in rewards being spread more to legitimate content, but we need the whales to help power the countering of abuse.

I'm not 100% sure that's true. If it was then the account with the highest reputation could never decrease

It is true that lower rep cannot decrease a higher rep by flagging.

Immensly entertaining (for some of the wrong reasons) and very thought provoking in that these farmers are taking money directly out of my reward pool all of mine and others hard work and time investment is being diminished as a result of this trickery.

Thank you for bringing it to ever ones attention .

Very good research, well done!
Stuff I started doing by hand, then got diverted with my other projects, follow the rings and you end up at an attractor.

Unfortunately this looks like the start of an bot vs. humans war. But I've warned about this enough. In any case it will be a long war and maybe distributing rewards too broadly is the cause but who will say that they are willing to give in to some centralization for protection? If the problem gets too bad then more users will switch from steem power to steem and then to steem dollars and ultimately the fiat will win. Don't let the fiat win!

Very good post, I always enjoy reading them even the story is actually very sad. I just wonder how this can be stopped on a big scale since manual can raise awareness but not stop it entirely.

I would be interested if steemit.inc has any plans or ideas how this abuse could be tackled on a system change basis?

I think STINC is being rather quiet on that front. Saving the reward pool will be up to the community. Initiatives like @sadkitten and @cheetah are providing a great service on that front already, but, I think we need more independent projects like them!

In time, as the number of such accounts grow, I suspect there will some coordination of their efforts as well.

Sadly, about then it will be time to consider who watches the watchers =/

Decentralize FTW!

I do agree with you spammers is very serious problem

This post is Amaze me. Let's me resteem your post because I love it

Thanks anyway 😊

Thank you for this important work!

Hi @sherlockholmes, I see you have mentioned me.
This is automatic response so that I may respond to your mention later.

Hey, Sherlocks :D can you do the same to my post about Astana? Not like for numbers, but just read it, at least it would have any logical sense, and also if it gathers 5 $ or 33 upvotes (to beat score of my gf) i would write next article which i mentioned in Astana article, Sorry for mess, and thank you :) I like to cross words here eeeee

@nice informative article
@rogerblu

Congratulations @sherlockholmes!
Your post was mentioned in the hit parade in the following category:

  • Pending payout - Ranked 9 with $ 308,56

I always visit your blog because you inspires me. Do what you do. Thank you very much for sharing inspiring content.

your post is very nice, full pack of knowledge and very attractive :-)

Sir really so nice steemit working thanks for good sharing

Learning from you

Are you going to investigate this or do you want me to explain it for you?

Thanks for information

have a free flag for spamming, too!

john, when u flag a post by account with higher rep, u only have effect on its reward, not on its rep, and since this comment already had 0 rewards, u just wasted ur voting power.
Keep to only flagging accounts with lower rep than urs, and to flagging posts by undeserved reward by anyone.

Thanks for your concern, but the flag was not intended to have influence on reputation, it was a message to the spammer that his comment was not well received. As such it also wasn't wasted.

Before this downvote was issued, the commenter's profile was checked.

There are 2 pages
Pages