Who are the Porn Bots on Kik?

Kik has more than 120 million users. The largest user group is young. According to reports, around 40% of American teens have tried it. Teens love Kik. They also share the network with bots.

These fake, autonomous programs are designed to lure Kik users to click on paid-for websites with flirty chats and the promise to have porn. They are glorified chatbots with one goal.

According to Kik “pornbots” account for around 1% of all messages sent each day by the app, which suggests that thousands of them are regularly crawling its network.

Is there a porn bot outbreak? Security expert Cathal McCaid, who monitors spam for telcos, has said that most of the porn is coming from one criminal group. This group is likely English-speaking and not Russian, which is a country well-known for being the source for many types of spam.

It appears that this spam team has been operating porn bots similar to these since 2010, when they were using MSN Chat.

Spammers may be in it for the long-term because they are making good money. A bot will typically offer to show a Kik user their nude photos, provided they navigate to a dating site or cam site and provide their credit card details. If users refuse to comply, bots will inform them that they require their card details in order to verify their age.


Credit card is to verify your age. You’ll be able to get in for free through my page, but you must verify that you are an adult.

McDaid says that anyone who falls for this trap will usually pay between $20-$80 to gain access to the site.

He says that sign-up screens can be confusing and difficult. Users may end up signing up for multiple sites, which increases the cost.

Kik users are smart enough to recognize scammers and avoid falling for them. Conversion rates are around 0.5% and 1.1%. Spammers can still make decent money by hitting mass users. McDaid last year tracked a surge of porn bots spamming more than 80,000 Americans in three days.
SMS
.

The attack could have brought in $16,000 even with a 0.5% conversion rate. Click-throughs from links or stealing credit card information are two ways spammers make their money.

Kik is working hard to keep up.

It increased its privacy controls , blurred images users saw on their lock screens and reacted to the problem by last May. According to Dan Hendry who heads Kik’s server team, the startup in Ontario has been dealing with porn bots since two years. He also waged a digital war against spam.

Hendry states that general spam accounts for a low percentage of Kik’s messaging traffic. Based on the technical signatures left behind by these spam groups, Hendry suspects that he is dealing with just a few spam groups.

McDaid can’t confirm if porn bots come from one group as McDaid suspects. Kik doesn’t analyse message content because privacy concerns make it difficult to track which messages belong to which users. McDaid’s analysis is based on screenshots Kik users have posted on Twitter and forums. It is also difficult to determine if these are the same porn scammers who have hit Snapchat. Tinder. Skype.

According to Kik’s Hendry, “It’s only a small number of highly motivated individuals.” They evolve when we evolve. We have seen whole shifts in the behavior of a spammer. It is not something that sends out spam codes and then goes away.

Hendry suspects that the spammers are not located in the U.S. because the largest waves of porn bots target Kik users at night and early morning rather than during the U.S. work day. Although he wouldn’t give any details about how Kik detects these bots other than when they are reported in by users he said that a team consisting of four people is specifically tasked with fighting spam on Kik.

Bot controllers aren’t just innovative; they’ve been doing it for years.

McDaid searched through conversations of one of the most popular Kik pornbots and found that it re-used conversations from another bot active on MSN 2010 and possibly Google’s GChat 2011.

McDaid states that McDaid believes this code is the same and the same group is likely to re-use their methods by moving onto new messaging channels once they become more popular. McDaid says that these attackers could have spent many years running their bots on several messaging platforms.

Consider, for instance, the last line this transcript from a pornbot hitting an MSN user back in January 2010.


What’s takein’ u sooooo long babe? Im burnin’ in there waiting for you …..

It is almost identical to the original on Kik four years later, based upon

This screen grab

Be wary
Twitter
user:

Here’s another transcript of a Yahoo Messenger sex chatbot in February 2010. The first line is important:


Cool… My name is Janessa, and I’m from S.Florida.. Could I ask you some questions?

This line is again repeated four more years later on Kik.

McDaid claims that there are common threads in the words between the transcripts from both time periods and across platforms. It’s not common for criminal groups to have the same conversations with separate code. This suggests that the majority or all of the Kik porn bots reported are from a common source.

Ironically, all this happens while Kik tries to ban sexy chatbots from its service. However, it is preparing to invite chatbots from advertisers.

Kik’s experimental chatbot, which tells jokes to its users and receives around 1.8million messages per day, has been operating for years. It invited brands to create their own Kik profiles and send automated messages to its users last July.

The Wall Street Journal states that advertising bots cannot yet have conversations to protect a brand’s identity. According to Kik, 1.5 million Kik users had already opted in to chat with a corporate bot or “promoted conversations” in July.

Marketers will spend the next few months learning the details of how chatbots work, so they can have thousands of conversations with Kik users simultaneously, much like porn bots.

They might learn from the mistakes of Kik’s spammers. They could accidentally lead their bots towards a pornbot. In such cases, something extraordinary could just happen.

HEY! Could we ask you for a favor? Would you share this article with your friends? It costs you nothing and it takes just a second, but means the world to us. Thanks a lot!
Tags: