Power10 retweet automation creator @JasonLSullivan_ has been excitedly promoting his new magainfo(dot)tv video site. This thread is not about that site, however. It is about another site with the same IP address: michaelsolisunus(dot)com.
(Previous thread on the now-defunct Power10 retweet automation software, as well as reporting from Business Insider on the topic) businessinsider.com/power10-activi…
At first glance, michaelsolisunus(dot)com looks like an empty website with placeholder "Home", "About Us", and "Contact Us" sections. What's up with that "Go to App" button in the corner?
The "Go to App" button leads to an authorization screen for a third-party Twitter app named "Michaelsolisunus" that requests a pretty comprehensive litany of permissions. We had @DrunkAlexJones give the mysterious app a whirl.
This is a good time to point out that one should exercise extreme caution when visiting dodgy websites or giving third-party apps permission to one's social media accounts, especially if one has no idea what the app in question does.
We (or rather @DrunkAlexJones) had to verify an email address in order to access all of the app's features. Interestingly, the confirmation email appears to be from Cyphoon, Power10 creator Sullivan's social media consulting company. reuters.com/article/us-usa…
Much like the old Power10 automation app (banned in September 2019), the Michaelsolisunus app offers automated retweets and automated follows. It also has some rudimentary analytics features, including the ability to track and log the retweeters of a set of tweets.
We poked through the app's Javascript code and found a constant indicating the maximum length of a tweet is 140 characters (Twitter bumped it to 280 in late 2018). In addition to being amusing, this is a possible indicator that the developer reused code from several years ago.
We had trouble getting some of the Michaelsolisunus app's features to work, and were also unable to find any content that had been retweeted with it. If either of these things change, this thread will be updated with additional analysis.
Update: both the Michaelsolisunus Twitter app and the @JasonLSullivan_ Twitter account are presently suspended.
• • •
Missing some Tweet in this thread? You can try to
force a refresh
Meet @AmaralBailey, a Twitter account created in August 2014 with a default profile pic and zero tweets. In a wacky plot twist, all of @AmaralBailey's followers and followees are also accounts created on August 27th 2014 with default profile pics and no tweets.
These accounts are part of a network of (at least) 2327 accounts with default profile pics and no tweets created on August 27th, 2014. Most have names that are first/last name combos, but there are a few outliers, such as @surprisingKathy, @gunWilliams, and @Clevelandexcite.
(Note: it's possible that this network is actually substantially larger than the 2327 accounts in our dataset. Since the accounts have no content and exploring the network takes a while, we stopped once we found a couple thousand accounts.)
Here's an interesting account: @VishalAParmar, created in May 2021. All but two of its 688 followers were also created in May 2021, over a period of less than 12 hours. #SaturdaySpam
These followers are part of a fake follower botnet created between April 30th and May 29th, 2021. This botnet consists of (at least) 20684 accounts, none of which has ever tweeted. The accounts have random-looking but more or less pronounceable names, usually in all lowercase.
Who does this botnet follow? There's a lot of variety, although most are promotional/commercial accounts of some type. Cryptocurrency/blockchain accounts are a bit of a theme.
We've previously documented that the "Round Year Fun" apps ("My Twitter Family" etc) force you to follow other accounts without your knowledge. Interestingly, the main Round Year Fun website shares an IP address with a website that sells Twitter followers.
The follower sales website in question (realactivefollowers(dot)com) offers a trifecta of shady Twitter-related services: you can buy followers, likes, and even developer accounts (which enables aspiring botmakers to bypass the normal approval process, among other things).
Realactivefollowers(dot)com also offers a free trial of 50 followers. We had @DrunkAlexJones take advantage of this offer with the goal of testing the hypothesis that the followers being sold on this website are unwitting users of the Round Year Fun apps.
It's Tuesday in May, and a blue-check verified Twitter account by the name of @JobySanchez (permanent ID 790029565) is on the market for the exciting and dynamic price of $2000.
The @JobySanchez account appears to have originally belonged to MMA fighter Joby Sanchez. Back in May 2020, it had far more tweets and fewer followers than it does now. The old tweets appear to have been purged - searches return nothing prior to April 18th, 2021.
About half of @JobySanchez's 4463 followers followed it recently (5/1/2021 or later), and we found an interesting difference (that we can't as of yet explain) between its old and new followers: @JobySanchez follows almost all of its recent followers but very few of the old ones.
Meet @HodgesonMaria, @MarcusSabastian, and @AdelmoNowak, a trio of accounts using a similar lineup of automation apps. Their interests include adventure, travelling, incorrect use of capital letters, and stolen profile pics. Also, they have friends.
These accounts are part of a botnet that consists of 40 automated accounts. Most were created in October 2020 or March/April 2021. Ten of them were created back in 2009, but have no visible tweets prior to 2020.
All ten of the accounts with 2009 create dates underwent significant name changes at some point over the past year or so, making it reasonably likely that these accounts were hijacked or purchased.
The "Round Year Fun" family of malicious Twitter apps ("My Twitter Family", "My Twitter Crush", etc) began using a new domain name (roundyearfun(dot)me) as of May 1st, 2021. Here's a look at the activity since the switch, and once again: DO NOT USE THESE APPS!
Using any of the Round Year Fun apps will cause your account to follow and mute a specific set of accounts without your knowledge. If you've already attached one or more of these apps to your account, here are instructions on how to revoke access:
We downloaded all available tweets linking to the new Round Year Fun domain, roundyearfun(dot)me, yielding 145599 tweets from 117019 accounts posted via a whopping 870 distinct apps.