Skip to content

Twitter verifies six fake accounts as part of a 1212 account botnet

  • by
  • 2 min read

Twitter has permanently suspended a “small number” of fake accounts the platform mistakenly verified weeks after re-launching its public verification program.

The accounts in question here were created 26 days ago and have profile pictures that seem to be taken from stock photo sites but are fake regardless. In total, six accounts were part of the fiasco and shared nearly all the same followers while not having posted a single tweet. 

The incident came to light on Sunday when Conspirador Norteño, a data scientist focused on disinformation, called out the six accounts in a tweet thread, as reported by the Daily Dot,

In the News: SolarWinds releases patch for actively exploited zero-day vulnerability

Malicious threat actors or just another spamming case?

Two accounts of the six had profile pictures that appeared to be stock images. The other’s seems to have been made with AI. The six accounts had 976 suspicious followers in common whose accounts were created between 19 and 20 June, with profile pictures of computer-generated images of humans or cats. 

The majority of the accounts in the following hadn’t put out any tweets as well. A handful of those who had pretty much only tweeted about automated Korean spam sent via an automation service called He went on to explain that the accounts were a part of a 1212 account botnet.

In their statement to the Daily Dot, Twitter confirmed that they had mistakenly verified the accounts and have taken action against them,

“We mistakenly approved the verification applications of a small number of inauthentic (fake) accounts. We have now permanently suspended the accounts in question and removed their verified badge, under our platform manipulation and spam policy,” Twitter said in a statement

.Facebook’s former chief security officer, Alex Stamos, tweeted about the incident suggesting that it might’ve been an insider job stating something similar happened at Instagram where spammers paid off the insider. However, he later stated in an update that they (Twitter) ruled out a malicious insider.

In the News: BIMI security standard rolls out to all Gmail users

Yadullah Abidi

Yadullah Abidi

Yadullah is a Computer Science graduate who writes/edits/shoots/codes all things cybersecurity, gaming, and tech hardware. When he's not, he streams himself racing virtual cars. He's been writing and reporting on tech and cybersecurity with websites like Candid.Technology and MakeUseOf since 2018. You can contact him here: