Ron Paul Botnet Spam Scam Uncovered

Ron Paul supporters are engaging in criminal hacking and spam attacks designed to bolster their candidate’s profile in the online world, Sarah Lai Stirland reports for Wired.

If Texas congressman Ron Paul is elected president in 2008, he may be the first leader of the free world put into power with the help of a global network of hacked PCs spewing spam, according to computer-security researchers who’ve analyzed a recent flurry of e-mail supporting the long-shot Republican candidate. “This is clearly a criminal act in support of a campaign, which has been committed with or without their knowledge,” says Gary Warner, the University of Alabama at Birmingham’s director of research in computer forensics. “The question is, will we see more and more of this, or will this bring shame to the campaigns and will they make clear that this is not a form of acceptable behavior by their supporters?” Warner pointed to provisions of the federal Can-Spam Act.

Ron Paul spokesman Jesse Benton says the campaign has no knowledge of the scam. Warner himself says that he has no reason to believe that the Paul campaign had anything to do with these messages.

Some participants in the online political world have long suspected Paul’s technically sophisticated fan base of manipulating online tools and polls to boost the appearance of a wide base of support. But the UAB analysis is the first to document any internet shenanigans.

The finding is significant, because Paul’s online support — as gauged by blog mentions, friends on social-networking sites such as MySpace and popularity in online polls — has garnered him wide mainstream print and television coverage, despite his relatively poor performance in offline polling.

The spamming allegations are based on a slew of e-mails captured by contributors to the university’s Spam Data Mining for Law Enforcement Applications project, a research venture that receives 2.5 million spam messages a day, and selects about 100,000 a week for analysis. The project receives its spam from other researchers with ties to ISPs, and in some cases from “trap” addresses that have never been used for any other purpose.

Certainly, there has long been suspicion that the flurry of comments that generally follows postings about Ron Paul on blogs are somehow auto-generated. Whether this buttresses that theory is beyond my technical understanding.

Spamming and various other nefarious uses of the Internet’s capabilities to promote business ventures, raise website search ratings, and other purposes have been around approximately as long as the Internet itself. It stands to reason, then, that these techniques would be applied to political campaigning.

While this effort seems to be done to help Paul, similar efforts could just as easily be launched to harm other candidates. We saw in the last campaign cycle a flurry of robo-calls apparently from one campaign that were actually perpetrated by its opponents in order to alienate voters.

FILED UNDER: *FEATURED, Science & Technology, , ,
James Joyner
About James Joyner
James Joyner is Professor and Department Head of Security Studies at Marine Corps University's Command and Staff College and a nonresident senior fellow at the Scowcroft Center for Strategy and Security at the Atlantic Council. He's a former Army officer and Desert Storm vet. Views expressed here are his own. Follow James on Twitter @DrJJoyner.

Comments

  1. misledinamerica says:

    James Joyner,

    Your grade 6 English teacher would be ashamed. You call yourself a journalist but can’t read.

    Your lack in technical understanding is not what makes your article such as blatant manipulation of the truth. All that is required are good reading skills.

    At the end of Sarah’s article she clearly states that this could be the work of Ron Paul supporters or Ron Paul opponents. Since these emails are apparently coming from untraceable places it wreaks of DC think tank. Ron Paul supporters know that email spam is freaking useless.

    Also, Sarah states, “Paul’s online support — as gauged by blog mentions, friends on social-networking sites such as MySpace and popularity in online polls”… where in this phrase does it mention emails?

    With a few minutes of research you would learn that online and text messaging polls limit the number of votes per PC or Phone to one. PCs and Phones have unique ids. The polling web site can recognize this id and track it.

    Social networking sites require accounts and provide effective mechanisms for disabling spamming users. It just takes a mouse click. Also, internet users quickly become expert at filtering. They see past the ads and spam to what they want in cluttered pages. Or do you click on every google ad on every page you visit?

    Suggesting, or as you have done, reporting as fact, that super-duper magical robots are creating Ron Paul videos and posting them on Youtube or crafting human-like comments in response to videos is beyond stupid.

    Have you ever visited youtube or google videos and done a search on Ron Paul? There are literally thousands of homemade videos. Each video has numerous comments that are clearly written by real people.

    That said, I suppose it might be possible for a robot to write comments and articles that would seem to have been written by a human. This article for example could possibly have been written by a robot. Now that I think about it I’m getting nervous. Is there a PolitoBot lacking in moral fiber out there writing all sorts of journalistically weak articles? Actually that would explain a lot.

  2. Roman Creed says:

    … from the article (which you didn’t bother to read James):

    “If it is true, it could be done by a well-intentioned yet misguided supporter or someone with bad intentions trying to embarrass the campaign,” he wrote while ferrying his boss to tape an appearance on The Tonight Show. “Either way, this is independent work, and we have no connection.”

    This article has been modified to clarify that Warner has seen no evidence suggesting that the Paul campaign is responsible for the spam.

  3. yetanotherjohn says:

    Imagine if Ron was able to win (or even seriously contend or influence the election). 2012 would be a spam nightmare.

    The headline is fair.

    Ron Paul Botnet Spam Scam Uncovered

    The first sentance is not supported…yet.

    Ron Paul supporters …

  4. Jared says:

    The news is in that wired accepted money from a giuliani supporter to try and discredit Ron Pauls support. I guess they have to try and justify why the diebold machines are only going to allow Ron Paul a few votes. Did Wired.com’s writer accept money to do a political hit piece on Ron Paul? Well there is no evidence besides a few videos on youtube from a giuliani forum of the writer talking to a supporter from Giuliani’s camp.

  5. Tara says:

    This story should be retracted. Here is the truth:

    Ron Paul Campaign Under Cyber Attack

    There has been a recent flurry of news articles that have made the conjecture that the Ron Paul campaign or his supporters are in possession of a botnet and are using it to generate spam emails for the candidate. I have been in the business of computer technology for a long time and have good friends in the IT security business and we have discussed this at length. Cui-bono (who benefits)

    I find it far more likely that this botnet spam attack is not the design of the Paul campaign or any of its supporters. It is far more likely that this is the release of a first round of direct cyber attack against the Ron Paul campaign. I base this opinion on the fact that the attack is becoming clearly targeted at the youtube videos of Ron Paul. Youtube links to his videos are beginning to be inserted into the the body of these spam message and as a direct result the video’s are being pulled by youtube for violation of their terms of use policy.

    This attack method can do far more harm than good for the Ron Paul campaign so I will make a guess that this is the work of those in the NSA using cyber war tactics out of loyalty or possibly under orders to use this stealth attack method to derail the Ron Paul campaign by using the campaign’s online strength against them.

    I expect that after these attackers have used this method to remove the best google and youtube videos touting the Ron Paul campaign, that the attack method will change and will then go after other key components of the campaign’s online strength such as the Web 2.0 communities. These utilities will likely be spammed and the organizations using the applications will be banned from their use.

    This is nefarious and demonstrates the kind of tactics that the establishment could use to serve their interest in stopping the advance of Ron Paul and the Revolution for freedom that he is leading as well as his Presidential bid. I can only hope that the Ron Paul online army has some equally talented cyber warriors that can help stop this attack before it is ramped up even further.

    http://www.nolanchart.com/article259.html

  6. FZappa says:

    Misleading headline. No evidence at all that Ron Paul supporters did this, and much reason to think anti-Paulites did it.

    Unprofessional post.

  7. I Will Sue You says:

    Joyner has the nerve to post a complete LIE.

    There is NO PROOF that anyone connected to the Paul campaign, not a supporter or staff, “are engaging in criminal hacking and spam attacks designed to bolster their candidate’s profile in the online world”.

    Joyner, you jackass! It’s called LIBEL.

  8. I Will Sue You says:

    NEWSFLASH: I saw a Fred Thompson supporter sending spam from a nearby computer and making it look like it came from Houston when it came from a computer he’d hijacked in KOREA.

    There you go.

  9. Michael says:

    I still don’t see anything that mentions use of a botnet, or is that just the new MSM techno-scareword? Seriously, a pale herd of Ron Paul supporters may be just as bad as a real botnet, but being lonely and having too much time on your hands is not a crime, cyber or otherwise.

    Now for corrections:

    PCs and Phones have unique ids. The polling web site can recognize this id and track it.

    Had this been a _real_ botnet, the votes would be coming from multiple actual PCs, just without the consent of the owners of those PCs. Also, IP spoofing or even DHCP renewal can thwart many of these checks.

    Social networking sites require accounts and provide effective mechanisms for disabling spamming users.

    They also provide effective mechanisms to sign up for new accounts, spammers expect to be disabled within hours (days if they are lucky), registering new accounts is as automated as sending messages from them.

    James, could we create a new domain for Ron Paul posts, so they don’t pollute OTB? Maybe http://www.wedontgiveacrap.outsidethebeltway.com

  10. Mark Jaquith says:

    Ron Paul supporters are engaging in criminal hacking and spam attacks

    Could be one person. And there is no evidence that the person who authored the spam messages had anything to do with the hacking. Existing botnets are frequently rented out, and spam services sold. So it could have just been a single person buying X spam messages and this is the method the spammer used to send them out.

    Certainly, there has long been suspicion that the flurry of comments that generally follows postings about Ron Paul on blogs are somehow auto-generated. Whether this buttresses that theory is beyond my technical understanding.

    Doesn’t really say anything about that. And from what I’ve seen, I doubt it.

    While this effort seems to be done to help Paul, similar efforts could just as easily be launched to harm other candidates.

    That was actually my first thought.

  11. David says:

    You know it is kind of sad when people use any tactic to discredit someone. I realize Paul would be hard to made to look bad. So apparently they want to go after the base. Weak polling because of who is called. hardline gops get the polls.

  12. SFrahm says:

    Ron Paul Cyber Attack …or how to blame the victim, a la 21st century web 2.0 negative campaigning.

    “spam campaign on behalf of Ron Paul”? How is that supposed to do any good for him? No, much of the spam gets his videos pulled off of YouTube for TOS violations. Dr. Ron Paul M.D. has been a US congressman for twenty years, voting against every one’s pet pork bills. …and in all that time they haven’t been able to dig up any real dirt on him.

    So this is their very best spin of the day, blame his supporters for something they did not do. When they cry foul, “Oh look at that! See Wikipedia – Negative_campaigning

    I have always voted conservative, for Ron Reagan and both Bushes. Dr. Paul has my conservative vote. In the meanwhile I am going to continue to help his campaign any moral, legal and ethical way that I can.

    Thanks for the incentive.

    Steve

  13. slammah says:

    I must apologize…..
    It was me…..
    I have been typing all of these emails in hope that my friend “Ron Paul” gets elected president…
    It would be so kewl to have the Oval office turned into a 360 degree wall to wall plasma Playstation…..Our moms could live in the west wing….
    I apologize for spending all my allowance on Rons behalf…. but he’s an awesome dude….
    I am gonna give him like another umm 5 or 6 million on Monday, so he can order those plasma’s early……

    Ron Paul
    2008 DudEExOxO

  14. The Spam originated from someone on a Giuliani Forum who then Paid the journalist Sarah Lei Striland to break the story. Fox News of course was the first to pick it up.

    This is just about as much proof as you can get.
    youtube.com/watch?v=U5LgUiz2mBA

  15. Mick Russom says:

    Libel. Disproven lies. The only crime comitted here is the MSM and the media printing baseless lies against Ron Paul. No one who likes Ron Paul would sabotage him like this, its clearly a smear campaign by the MSM and The Complex.

  16. There clearly are no bots posting pro-Ron Paul comments in people’s blogs. All of this support is for real. I can understand that people might have a hard time comprehending what we’ve done today. It’s Earth-shattering, jaw-dropping… No matter which way you phrase it, Ron Paul is for real.

    Over $3,800,000 raised.

    More than 35,000 total donations.

    1 message – and 1 candidate – unlike any other.

    Can we keep our momentum going? The most successful fundraising day ever is John Kerry’s $5.7 million. And that was on the day he accepted the Democratic nomination.

    Let’s do it.

  17. Mark says:

    Did “spambots” conjure $4.2 million out of thin air on the fifth of November?

    What really concerns the power brokers (military industrial complex and the MSM etc.) is that of the 38,000 people who contributed the $4.2 million, 21,000 of them were N E W contributors to the campaign. Support for Dr. Paul is growing exponentially and that is something for the evil-doer neocons of both the Republican and Democrat party to consider.