Researchers that tracked hundreds of thousands of bots on Twitter named the spam Siren after Greek mythology.
Spammers on social media create botnets, which are collections of accounts controlled by a central command. A bot is any account that is controlled not by an organic user but by some form of automation. Although the vast majority of individual bots are benign, they can be coordinated as botnets and weaponized to distribute despicable links such as phishing campaigns, malware, ransomware, fraudulent surveys, spamruns, malicious apps that hijack control of the victim’s accounts, and spam websites that pay for clicks.
Botnet attacks used to be confined to emails, with individual victims, but now it’s a free-for-all on social media. With 2 billion people on Facebook, spammers are seeing social networks as the next target. Unlike with emails, when spam gets posted on Facebook or Twitter, it’s publicly available for everyone else to see, not just the recipient.
The Siren bots would work around anti-spam measures by disguising the URLs through some link laundering: First, the URL would get shortened through Twitter, giving the spammer a t.co link. That short link would then get redirected to a goo.gl URL and was able to bypass Twitter and Google’s anti-spam detection