The Twitter logo with a robot emoji

Twitter Mikael Thalen

Twitter verified a number of bot accounts—raising questions about security (updated)

Six users with fake profile pics were seemingly verified less than one month after being created.


Mikael Thalen


Posted on Jul 12, 2021   Updated on Aug 4, 2021, 3:43 pm CDT

Questions have been raised over Twitter’s verification process after a handful of suspicious accounts were seen with blue checkmarks.

In a tweet thread on Sunday, Twitter user Conspirador Norteño, a data scientist focused on disinformation, highlighted six newly-created accounts that had all been verified.

While it’s common for malicious actors to hack into already-verified accounts, the six users had all been created just 26 days ago. Not only that, the accounts shared nearly all the same followers and had not made a single tweet.

The profile pictures for two of the accounts even appeared to be stock images, while others seem to have been created with artificial intelligence. Dozens of the accounts’ followers looked the same as well, using computer-generated photos of humans and cats for their profiles.

Although the majority of the accounts and their followers had not tweeted, several had. Conspirador Norteño noted that of the handful that had made tweets, nearly all of the content was related to automated Korean spam.

In a statement to the Daily Dot, Twitter confirmed that it had inadvertently verified the “inauthentic” accounts:

“We mistakenly approved the verification applications of a small number of inauthentic (fake) accounts.,” a Twitter spokesperson said. “We have now permanently suspended the accounts in question, and removed their verified badge, under our platform manipulation and spam policy.”

While questions remain, Alex Stamos, Facebook’s former chief security officer, suggested that the verification could have been an inside job.

“You might have a malicious or bribed insider,” Stamos tweeted. “Something similar happened at IG (paid off by spammers, in that case).”

Stamos also noted that many of the account names appeared to be Turkish, suggesting that the incident could be linked to a nation-state operation.

As of Monday morning, all of the six primary verified accounts have been removed by Twitter.

This post has been updated to include a statement from Twitter.

Read more of the Daily Dot’s tech and politics coverage

Libs of TikTok—the influential, mystery Twitter account hailed by mainstream conservatives—attended Jan. 6 Capitol protest
How police persecute the LGBTQ community—and how big tech can help its most vulnerable users
Anti-vaxxers will host a simulated ‘grand jury trial’ of Dr. Fauci for 5 days. For $10,000, you can be a ‘VIP juror’
‘That is not an official CIA account’: Trump’s social media platform is filled with fake government profiles
Truth Social employees praise murderous dictator in beta testing for Trump’s new app
Sign up to receive the Daily Dot’s Internet Insider newsletter for urgent news from the frontline of online.
Share this article
*First Published: Jul 12, 2021, 11:59 am CDT