There are millions of spam profiles littering Twitter, and they’re practically unavoidable. But who’s behind this army of bogus accounts?

A research team announced Wednesday it’s finally traced these default-egg-avatared nuisances to their source, and their findings could help Twitter cut spam off at the head.

The researchers bought $5,000 worth of phony Twitter accounts from 27 online vendors for just 2-10 cents each. All told, that amounted to 120,000 accounts over 10 months. Their goal was to figure out how to identify fraudulently registered accounts. The stakes are high: merchants earn an estimated $460,000 in total annual income, while the spammers they sell to harass and annoy Twitter’s millions of customers.

The team—comprised of researchers from the University of California, Berkeley, George Mason University, and the International Computer Science Institute—found the merchants through search engine ads, spam forums, and freelance sites like Fiverr. The research was done in cooperation with Twitter, and the team presented the findings at the Usenix security conference in Washington, D.C. Wednesday.

Merchants are the ones who make and sell the fake accounts. Their customers are usually spammers, who use armies of robot accounts to automatically send scam links to Twitter users. Other customers use the dummy accounts to boost their follower numbers and seem more popular than they actually are.

Stopping the spammers is vital to cleaning up the community, but it's not a simple task.

The researchers said account sellers used fake email credentials and tens of thousands of hijacked computers to avoid Twitter's suspicions. Some merchants hoarded accounts for months to give them an air of legitimacy. 

Using data it acquired by tracking these patterns, Twitter suspended 95 percent of all phony accounts. When the team purchased further accounts immediately after Twitter's intervention, they found 90 percent were suspended by the time of delivery.

The merchants were puzzled by the lost stock, though soon regrouped. The most prominent sellers were back in action within a few weeks, after figuring out new ways of bypassing Twitter's defenses.

Twitter is working to integrate the researchers' methods for finding phony accounts into its abuse detection system. But as long as there's money to be made on the black market, scammers will find ways of creating spam accounts en masse.

H/T Boing Boing, Krebs on Security