Skip to content
  • Home Home Home, current page.
  • Moments Moments Moments, current page.

Saved searches

  • Remove
  • In this conversation
    Verified accountProtected Tweets @
Suggested users
  • Verified accountProtected Tweets @
  • Verified accountProtected Tweets @
  • Language: English
    • Bahasa Indonesia
    • Bahasa Melayu
    • Català
    • Čeština
    • Dansk
    • Deutsch
    • English UK
    • Español
    • Filipino
    • Français
    • Hrvatski
    • Italiano
    • Magyar
    • Nederlands
    • Norsk
    • Polski
    • Português
    • Română
    • Slovenčina
    • Suomi
    • Svenska
    • Tiếng Việt
    • Türkçe
    • Ελληνικά
    • Български език
    • Русский
    • Српски
    • Українська мова
    • עִבְרִית
    • العربية
    • فارسی
    • मराठी
    • हिन्दी
    • বাংলা
    • ગુજરાતી
    • தமிழ்
    • ಕನ್ನಡ
    • ภาษาไทย
    • 한국어
    • 日本語
    • 简体中文
    • 繁體中文
  • Have an account? Log in
    Have an account?
    · Forgot password?

    New to Twitter?
    Sign up
CraigSilverman's profile
Craig Silverman
Craig Silverman
Craig Silverman
Verified account
@CraigSilverman

Tweets

Craig SilvermanVerified account

@CraigSilverman

Reporter @ProPublica. I investigate platforms, disinfo, digital manipulation. Editor of the Verification Handbook series, @BuzzFeedNews alum. DM for Signal.

Toronto
linktr.ee/craigs
Joined March 2007

Tweets

  • © 2022 Twitter
  • About
  • Help Center
  • Terms
  • Privacy policy
  • Cookies
  • Ads info
Dismiss
Previous
Next

Go to a person's profile

Saved searches

  • Remove
  • In this conversation
    Verified accountProtected Tweets @
Suggested users
  • Verified accountProtected Tweets @
  • Verified accountProtected Tweets @

Promote this Tweet

Block

  • Tweet with a location

    You can add location information to your Tweets, such as your city or precise location, from the web and via third-party applications. You always have the option to delete your Tweet location history. Learn more

    Your lists

    Create a new list


    Under 100 characters, optional

    Privacy

    Copy link to Tweet

    Embed this Tweet

    Embed this Video

    Add this Tweet to your website by copying the code below. Learn more

    Add this video to your website by copying the code below. Learn more

    Hmm, there was a problem reaching the server.

    By embedding Twitter content in your website or app, you are agreeing to the Twitter Developer Agreement and Developer Policy.

    Preview

    Why you're seeing this ad

    Log in to Twitter

    · Forgot password?
    Don't have an account? Sign up »

    Sign up for Twitter

    Not on Twitter? Sign up, tune into the things you care about, and get updates as they happen.

    Sign up
    Have an account? Log in »

    Two-way (sending and receiving) short codes:

    Country Code For customers of
    United States 40404 (any)
    Canada 21212 (any)
    United Kingdom 86444 Vodafone, Orange, 3, O2
    Brazil 40404 Nextel, TIM
    Haiti 40404 Digicel, Voila
    Ireland 51210 Vodafone, O2
    India 53000 Bharti Airtel, Videocon, Reliance
    Indonesia 89887 AXIS, 3, Telkomsel, Indosat, XL Axiata
    Italy 4880804 Wind
    3424486444 Vodafone
    » See SMS short codes for other countries

    Confirmation

     

    Welcome home!

    This timeline is where you’ll spend most of your time, getting instant updates about what matters to you.

    Tweets not working for you?

    Hover over the profile pic and click the Following button to unfollow any account.

    Say a lot with a little

    When you see a Tweet you love, tap the heart — it lets the person who wrote it know you shared the love.

    Spread the word

    The fastest way to share someone else’s Tweet with your followers is with a Retweet. Tap the icon to send it instantly.

    Join the conversation

    Add your thoughts about any Tweet with a Reply. Find a topic you’re passionate about, and jump right in.

    Learn the latest

    Get instant insight into what people are talking about now.

    Get more of what you love

    Follow more accounts to get instant updates about topics you care about.

    Find what's happening

    See the latest conversations about any topic instantly.

    Never miss a Moment

    Catch up instantly on the best stories happening as they unfold.

    1. Craig Silverman‏Verified account @CraigSilverman 23 Oct 2018

      Let’s talk about an insane, criminal problem in digital media that gets no real media scrutiny: ad fraud. $19 BILLION will be stolen this year. Not wasted on ads that didn't work — straight up stolen by crooks! My latest investigation, and a thread:https://www.buzzfeednews.com/article/craigsilverman/how-a-massive-ad-fraud-scheme-exploited-android-phones-to …

      43 replies 663 retweets 1,168 likes
      Show this thread
    2. Craig Silverman‏Verified account @CraigSilverman 23 Oct 2018

      Craig Silverman Retweeted Sarah Sluis

      Background: tons of digital ads are bought using automatic or tech-faciliated placements, aka programmatically. The process includes a glut of middlemen & players who take their cut. This opacity breeds confusion, which is perfect for criminals. Example:https://twitter.com/SarahSluis/status/1051866265801957376 …

      Craig Silverman added,

      Sarah SluisVerified account @SarahSluis
      Love this: Uncovering the middle presentation at #progio with @janameron & @lnadeau24 who worked together to figure out what happened when Digitas tried to spend $1 on Business Insider pic.twitter.com/qvcTEXX8k5
      1 reply 36 retweets 97 likes
      Show this thread
    3. Craig Silverman‏Verified account @CraigSilverman 23 Oct 2018

      Let’s break down one part of the scheme I exposed with help from @PixalateInc, Protected Media, @Malwarebytes. It starts with an email to a developer who built the Emoji Switcher Android app. This person says they want to buy his app. They agree to pay up front in bitcoin. Done.pic.twitter.com/X7meqS7uuo

      2 replies 5 retweets 32 likes
      Show this thread
    4. Craig Silverman‏Verified account @CraigSilverman 23 Oct 2018

      This happened over and over again to developers. I spoke to 5 of them. Once acquired, the apps are listed as being owned by different shell companies in the Google Play store. Here’s a company called Atoses Digital. Most of the employees on its site use stock images for pics.pic.twitter.com/9ZkomrG4Fz

      1 reply 7 retweets 43 likes
      Show this thread
    5. Craig Silverman‏Verified account @CraigSilverman 23 Oct 2018

      They also have fake customer testimonials, like this one for a company called TapTap Video that claimed to help monetize three of the apps in the scheme. they stole the pic from a real woman.pic.twitter.com/Z9wnFb6zxM

      1 reply 6 retweets 43 likes
      Show this thread
    6. Craig Silverman‏Verified account @CraigSilverman 23 Oct 2018

      Shell companies help you distribute your risk. If you get caught using fake traffic to inflate your ad revenue then it's the shell company & its specific publisher account that get banned. Just wait a few months, set up a newco, get new ad network account, and boom you’re back.

      3 replies 9 retweets 53 likes
      Show this thread
      Craig Silverman‏Verified account @CraigSilverman 23 Oct 2018

      In this case, once an app was acquired, the fraudsters secretly tracked the behavior of human users. Then they programmed an army of bots to mimic the same behaviors. Creepy, yes. Here’s the flow to explain it. The key is making fake traffic indistinguishable from actual humans.pic.twitter.com/P2M9woJdrv

      6:44 PM - 23 Oct 2018
      • 120 Retweets
      • 224 Likes
      • Sam Wizer Hooptedoodle Winning Emergence Joseph Kilcullen Andrei says: Parker Crook erdem mutata resurgo HrN UBI🇺🇸UniversalSinglepayerHealthcare🇺🇸Georgism
      6 replies 120 retweets 224 likes
        1. New conversation
        2. Craig Silverman‏Verified account @CraigSilverman 23 Oct 2018

          My investigation led me to identify +125 Android apps and websites linked to the scheme. They were spread out among like a dozen shell companies in Malta, Bulgaria, British Virgin Islands, Cyprus. etc.

          2 replies 17 retweets 45 likes
          Show this thread
        3. Craig Silverman‏Verified account @CraigSilverman 23 Oct 2018

          Google investigated after I contacted them, and found the scheme had accounts with *88 different ad exchanges*. One insider claimed they stole hundreds of millions of $$. But by spreading it all out via different apps, websites, and companies, nobody saw the big picture.

          3 replies 40 retweets 122 likes
          Show this thread
        4. Craig Silverman‏Verified account @CraigSilverman 23 Oct 2018

          The fraudsters were smart. They created high quality fake traffic. They spread the money around to avoid attracting attention. But they were also sloppy.

          1 reply 8 retweets 54 likes
          Show this thread
        5. Craig Silverman‏Verified account @CraigSilverman 23 Oct 2018

          Along identifying their fake employees and customers, I was able to connect all these apps, sites, and companies via corporate registrations, domain ownership and DNS data, Play store listings, and other publicly available info. (#OSINT FTW) Let’s look at one app.

          1 reply 10 retweets 51 likes
          Show this thread
        6. Craig Silverman‏Verified account @CraigSilverman 23 Oct 2018

          It’s called Surprise Eggs - Kids Game. In the Play store and on the app’s site it says it's owned by a company called Visont. But the whois for its site says Quaret Digital. So right away we have one app, two companies.pic.twitter.com/M7rT9GMTWH

          2 replies 9 retweets 35 likes
          Show this thread
        7. Craig Silverman‏Verified account @CraigSilverman 23 Oct 2018

          Both of their corporate sites were recently removed after I started making inquiries. Quaret also had an employee on LinkedIn with a photo stolen from actor Sarah Ellen @Sarah3llen.pic.twitter.com/cZEm1Zg50s

          1 reply 11 retweets 39 likes
          Show this thread
        8. Craig Silverman‏Verified account @CraigSilverman 23 Oct 2018

          Those two companies link it to other apps. But even more important is that the app’s website was registered with the email lorentsen@yandex.ru. It was used to register a whole bunch of other websites for apps and companies that turned out to be in the scheme:pic.twitter.com/e5QoD3IWKI

          1 reply 9 retweets 36 likes
          Show this thread
        9. Craig Silverman‏Verified account @CraigSilverman 23 Oct 2018

          The site for Surprise Eggs - Kids Game also used the same SSL certificate and IP address as a whole bunch of other companies and apps in the scheme. So with just one app, we now have so many leads and connections. (And then the traffic analysis found common fake traffic.)pic.twitter.com/5le8P5DV5D

          1 reply 10 retweets 41 likes
          Show this thread
        10. Craig Silverman‏Verified account @CraigSilverman 23 Oct 2018

          I followed the trail all the way to identify the key beneficiaries of the scheme. Read the story to meet them. And let's think about how much better off media would be if $19 BILLION went to real companies with real audience — instead of criminals /endhttps://www.buzzfeednews.com/article/craigsilverman/how-a-massive-ad-fraud-scheme-exploited-android-phones-to …

          13 replies 45 retweets 167 likes
          Show this thread
        11. End of conversation
        1. New conversation
        2. Rick Waldron‏ @rwaldron 23 Oct 2018
          Replying to @CraigSilverman @thegrugq

          Hi, your infographic character looks too much like @nodebots and that's not ok. Please update your assets, or legal steps will be taken.pic.twitter.com/NHnCoUQoJ3

          2 replies 0 retweets 0 likes
        3. Robin Berjon‏ @robinberjon 23 Oct 2018
          Replying to @rwaldron @CraigSilverman and

          Seriously Rick, it's a rounded rectangle with knobs. And it doesn't even look that similar.

          2 replies 0 retweets 5 likes
        4. Show replies

      Loading seems to be taking a while.

      Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.

        Promoted Tweet

        false

        • © 2022 Twitter
        • About
        • Help Center
        • Terms
        • Privacy policy
        • Cookies
        • Ads info