Case 9: The @ecoworld conspiracy - identifying 4,766 + 1 cheating accounts
Accusation:
It is not really an accusation this time, it is more of a known fact that @ecoworld has abused the reward pool. Many users have approached me about this, well, not this incident specifically, but more on that after we get to the conclusion.
In order to bring more awareness for the severity and extend of ill-intended reward farming on this platform, I am looking into an old file today. Also, it's @ecoworld's 1-year anniversary on steemit today, what a great moment to reflect on their history.
Some of the things I will present, may be well known to many of you, but, I hope I may be able to connect some dots that have not been visible to some of you until now.
I'll also show some big numbers, because I know those are impressive, right?
The Findings:
Let's start with what is common knowledge about our birthday boy.
@ecoworld's history
Despite the old age, the account had only posted three times in it's early days, after that it remained completely inactive until July, 5th of this year. On that day, they started a major comment-farming operation. Quite simply, they were posting numbered comments under their old posts, self voting them with an army of fake accounts. The first one to notice this, only two days into the operation, was nobody other than the legendary @ionlysaymeep.
Unfortunately his "meep" wasn't heard by anyone, so @ecoworld could continue doing their thing, continually growing, upvoting comments for up to $7.90 each:
It would take another 10 days before @neoxian and @someguy123 stepped in and started flagging down the post rewards:
With enough flagging, continually reverting the rewards to zero, this money grab was eventually stopped. The culprit wasn't going to keep wasting their voting power just to see all rewards flagged away.
As the operation was only stopped after running fine for 12 days, @ecoworld was able to collect 364.690 vested SP and 401.334 SBD to-date. They have exchanged all their SBD to STEEM, which they vested for Voting Power and are now currently in the process of powering down 701.490 SP. This doesn't sound like too much, but be patient, I have some bigger numbers for you later on.
The Importance of Flagging
I want to take this opportunity to make an intermission for an important statement about something that I see being debated quite frequently.
Flagging is not just a tool for hostility or censorship, no, those downvotes are an important defense mechanism for the steem-economy. If flagging was not an option, a scheme like this would continue indefinitely and grow exponentially, taking money out of the reward pool that would otherwise go to legitimate authors!
Also, those who do the flagging, they are giving up the returns they would be able to gain from their upvotes in order to protect the communal reward pool! So please, a legitimately used downvote is something good, important, and healthy for this platform!
Of course, downvotes can be abused, but, if there's one thing we can learn from @ecoworld, so can upvotes!
Get over it, yes, flag-wars are ugly and childish, but flagging is not the problem here, the problem is abuse of power, and it happens with upvotes, just like it happens with downvotes!
On with the conspiracy.
@ecoworld was not alone, a little later @aleksphoto made the stage.
Just a day after @ecoworld's operation had been stopped, on July, 18th, @aleksphoto started preparing the exact same thing @ecoworld had done. @aleksphoto was never stopped by force, they waited until shortly before post payout, kept selfvoting for a day and stopped the operation immediatly after a single voting streak on July, 25th. @aleksphoto is currently powering down 340.123 SP.
This coup was being well coordinated. Our next players entered the stage right immediatly. E.g.: @yantarik started it's prep-work on July, 20th, the voting started 6 days later. This time, it did not go unnoticed, though! After just 6 hours of voting from the bots, @blueorgy, @ausbitbank, @nextgencrypto and @followbtcnews stepped up to again nullify all the ill-gotten pending rewards. If you want to know more, @ausbitbank had posted a PSA about the situation back then.
Am I boring you already? I know, all this is well known and documented! Where's the conspiracy promised in that clickbait-title?
Follow the Money!
This should really be called the @dart conspiracy, but that didn't sound as good and it would have given the conclusion away.
If you look at the wallets of our aforementioned comment farmers, you'll see they are powering down, but you might wonder, why does the STEEM never show up in their wallets?
We are able to see a bit more about those withdrawals on steemd.com than on steemit.com:
There's a little know feature called "withdrawal-routes". It is possible to set up an account in such a way, that when it powers down, all the STEEM gets credited to another account directly. This is why the farmers' harvest seems to disappear. All their money is going directly to @dart!
The Bottom Line
Let's see those big numbers I've promised you earlier!
@ecoworld certainly isn't alone, it may be the biggest account in this operation, but there are in total 4,766 active withdrawal routes, all pointing to @dart.
And while the money collected by a single farmer, even by the biggest one, didn't look that impressive, @dart's bottom line is indeed worth raising an eyebrow.
Dart's wallet currently holds 11,850.794 STEEM, and looking through their transfer ledger, a whopping 67,608.546 STEEM have already been extracted, mostly through poloniex.
total damage so far: 79,459.340 STEEM !!
and some 5.748 SBD just to be precise.
That's only the sum in @dart's hands up to now. The army of accounts hasn't even completed powering down, yet! The total damage will continue to rise!
The Present Situation
and what can we do about this?
The large scale comment farming has stopped, it was too easily detected. The majority of the bot accounts have started voting on random posts, this is why I have been approached about this multiple times, people do get a bit concerned when a hundred small random accounts start voting on their post. So this self-rewarding comment-farm largely seems to have turned into a curation-farm? Yes, for the most part. Hey, at least you can get lucky and see some random upvotes.
The network still does vote on itself in some minor cases, they have resorted to a maximum of 200 votes on a single comment and usually the reward per comment stays below the $1-line. @sadkitten is doing an amazing job at recognizing these self-reward attempts and countering them. But @sadkitten is just one kitty against many thousand rats.
The platform needs urgent support on this front! Stopping an operation like this with only human intervention is a battle we cannot win! Support @sadkitten and the @spaminators or build your own initiative if you have the capacities.
This is a decentralized community economy, and we must protect it as such!
I will dedicate more of my time to look deeper into this tangled web.
I have identified some leads and I am already on the tail of another few thousand bots.
But for now, I wanted to leave you with this, for awareness, and with hope to create more engagement!
yours,
Sherlock
-> CASE 9 APPENDIX: list of accounts and transaction ledger <-
- I already broke some of your thumbs when I shared ~1,700 accounts in case 7, so today the list of accounts posted separately is posted separately by my assistant @johnwatson, it's linked above.
- The list has also been fed to @sadkitten, it contained 3,077 previously unlisted accounts.
- The transfer ledger of @dart does not display correctly on steemit.com. I will have my assistant include a summary of all outgoing transaction in his post, too.
P.S.: Writing this post took a little longer, so my birthday present to @ecoworld is a few hours late, I hope you will forgive this factual innacuracy.
Flagging is Important!
The reward pool needs to be protected from scammers and abuse!
The community must fight against spammers and scams!
please share your thoughts
What amazing findings you are sharing with us! Thank you, I am enlightened a bit more now. ;)
Talking with another important individual on this platform about abuse of all sorts, we both came to the conclusion that Steemit should probably have an "Account Downvoting" system where such abusive individuals are givens less and less power to do what they do to our platform.
If we let the baby baobab grow, this could easily become one of the toughest phenomena to cut down...
All for one and one for all! Namaste :)
Almost 80,000 STEEM, you say? And I'm always being told that the abuses and exploitation isn't that big.
This is from one operation. Many others have already been found. How many were not? How many are currently happening that haven't been discovered yet?
Right. The blockchain protocols don't affect any of this, I'm sure.
That number doesn't even include the remaining SP on those 4766 accounts!
@sherlockholmes, thanks for advocating for our community. I appreciate fellow Steemians who are willing to stand against this abusive accounts and flag them.
Honestly, I still feel a bit skittish, because I fear retaliation. I hope to grow in influence so that I can also help with these concerns.
Don't flag if you feel like you will be overpowered in retaliation, it's not worth the trouble!
You can always seek the assistance of @spaminators in case of spam or @cheetah when you see plagiarism and/or impersonation and similar offenses!
Can cheetah be summoned manually?
Only those with administrative access to @cheetah can.
Everyone else must report cases via steemit.chat or discord, or hope that a mention is noticed.
Dan nuked berniesanders repeatedly for nuking noganoo repeatedly.
If dan sides with the spam, what will you do?
Only way is to buy dan out, but I strongly recommend not to.
@berniesanders wasn't only flagging @noganoo. I am unaware that @dan specified the reason for the flagging. @krnel may have more information than I.
Hi, man! I've noticed something interesting today. It is a lot of posts which contains only 1 image without any explanation. I catch them on posting 2 similar pictures from different accounts (clover photo).
All of these posts were made by 5-6 users and after passing some hours Upvoted to $2-3 by one user -tard-. Isn't that an abuse for Steemit reward pool?
I checked his page, last wallet history, posts and comments under his last post (300 comments from only one word). This all was interesting for me but I can't dig deeper using only my mobile app. Can you take a look? Thanks.
Added to my list, but my backlog is long, please don't expect quick results.
Thanks!
How do you think, can your =Dart=and my =Tard= be the same PERSON (anagram)?
Two days ago, maybe after my reply to you, he changed his voting strategy and started powering down. Now looks like he has more than 60 voting bots with delegated SP. Is it legal?
Sorry for lots of questions, but I don't know anybody else, who can check this abuse.
Sorry, my desk is cluttered, I hope I can look into this soon!
Wait, I do not get it, why don't you just create like 5 accounts and have them upvote each other. Then, no one can tell easily.
Well, that's what they did, only at 1000-fold magnitude, but you see this in much smaller clusters, too, of course.
Awesome post, I really enjoyed it. I hope you appreciate the vote!
Users will find it strange to see that I support you!
Because I'm on the black list with cheetah!
Good job! you sent it to me a few hours ago, but I just read it. Was at school! and finally had a little sleep
I share with my friends!
resteem
I do keep my eye out for calls for help in flagging abusive posts, particularly from Spaminator, but I'm definitely leaning toward donating delegated power as well. Who is developing and controlling the sadkitten bot? I'm having a hard time keeping the various initiatives straight.
I didn't know about "withdrawal-routes". I checked the top curators from the past 30 days on SteemWhales and I didn't understand why almost nothing is shown in some of their wallets. I think this is explained by "withdrawal-routes".
Sounds very much possible. Maybe I should take a look from that angle also!
Mother fuckers... I had no idea this sort of thing went on! No matter what small corner of the earth or in this case the web there will always be someone two steps ahead taking advantage of a system to basically steal money.