I’ve been on the internet for a while and one thing that’s stayed consistent is the chat bots. From large social media to forums for friends only, the bots will come. I’ve always theorized about who runs them and why. From running my own web server and seeing logs, I figure they find forums the same way they find vulns, by crawling for forum software signatures.
But why? What is the return on this kind of enterprise? Why do large social media platforms have such a hard time finding and banning them?
From my knowledge of how gaming admins run things, they don’t instantly ban cheaters on detection, but do random waves, so as not to give information away.
But some platforms have had bots for years! Twitter has had a huge bot problem basically forever, and the bots have gotten bolder and more diverse since Elon took over. There are the verified LLM-powered bots (again, how can they afford to spend money on a Twitter and LLM agent, while still getting decent returns? They’re usually OnlyFans bots so I assume they get good returns, but what’s the scale?)
Then there’s the low effort scam/porn/ad bots, who mostly tweet in similar manners. They’ve become such a meme that an official Twitter account made a tweet in the same manner as the bots!
Facebook, in the same vein, had a “love spell” bot problem for a year+; they’ve only recently got rid of them. But for a year!!
I’ve also seen those love spell bots move to niche forums I spend time on. Again, why? Who is the target audience? What are the returns?
If it is, in aggregate, basically free to splash your message all over the internet and generate X impressions, then you’ve got a click/action/whatever.
So now you monetise that click: you sell the clicks to a third party who attempts to compromise the users with some packaged n-day exploit system, or buy one yourself, or do something else malicious. Or, if they are really stupid, just try and sell them crypto.
Once they have “converted”, bundle the data up (CCs, creds, data, whatever) and sell that on. Rinse and repeat.