Table of Contents
Introduction
A History Of Terrorist Bots On Twitter
The MEMRI JTTM Team: For Over Two Years, Monitoring Bots Spreading ISIS Content On Telegram
Creating Bots On Telegram
Jihadi Use Of Bots On The Encrypted Messaging Platform Telegram
Swearing Allegiance To ISIS
Discussing And Sharing Instructions For Online Security, Secure Communications, And Hacking
Sharing Information About Jihadi Channels, Archives, And Materials
Disseminating Warnings To Followers
Other Uses
Fundraising
Announcements Of New Bots And Requests For Distribution
Sharing Information About Jihadi Channels, Archives, And Materials
Sharing Information About Jihadi Channels, Archives, And Materials
Sharing Information On Training, Bombmaking, Weapons, And Recruiting
Introduction
Bots, or chatbots short for "chat robot" are computer programs that simulate human conversation "chat" through artificial intelligence.[1] They are typically created to carry out repetitive, pre-defined tasks more efficiently than humans.[2] They can be used for ecommerce, customer service, and content distribution; one common type, the chatbot, simulates conversation, while other types can schedule social media or other posts or create polls. Platforms such as Facebook Messenger,[3] Twitter,[4] and WhatsApp[5] offer bot integration. Botnets are connected computers performing monotonous tasks to keep websites going.[6] They are also becoming companions for people: In April 2020, half a million people downloaded an app called Replika that allows the user to converse with a human-like robot over text. While that app is not entirely convincing, some experts believe a completely convincing chatbot will exist in five to 10 years.[7]
Bot technology is also used for illegal purposes for example, sending spam and phishing emails containing malware, engaging in internet fraud, and trafficking in illegal goods and services. Illegal botnets gain control of computers through hacking or malicious coding and their owners can then use these computers to carry out DDoS attacks, email spam to many more millions of Internet users, generate fake Internet traffic, and extort ransom from users.[8]
To keep pace with China's ambitious artificial intelligence development, on February 11, 2019,[9] President Trump signed an executive order announcing the American Artificial Intelligence Initiative.[10] This strategy, according to the White House, is a concerted effort to promote and protect national AI technology and innovation, that "implements a whole-of-government strategy in collaboration and engagement with the private sector, academia, the public, and like-minded international partners." The move followed calls from AI experts[11] across industry, academia, and government to prioritize development of this area, including a May 2018 memo from then-defense secretary James Mattis asking the president to create a national strategy for AI. At the same time, however, there has so far been little research into how terrorist groups are already utilizing some of the basic forms of AI available to them, such as bots.
A History Of Terrorist Bots On Twitter
Every day, bots are being used by jihadis, especially on Telegram, for a wide variety of purposes. Highlighting these uses just recently was the pro-Al-Qaeda Jaysh Al-Malahim Al-Electroni Telegram channel that announced, on July 20, 2020, that it was recruiting supporters with expertise in programming, "media raids," film montage, hacking, translation, and graphic design. Those interested, it added, should make contact using its bots.[12] The same day, the pro-ISIS Basa'ir Da'wah Foundation, on Telegram, urged supporters, especially designers, poets, and religious students, to join the foundation's team by contacting its bot on the platform.[13]
Jaysh Al-Malahim recruitment notice; Basa'ir Da'wah Foundation recruitment notice
Also, on July 23, the pro-Al-Qaeda Jaysh Al-Malahim Al-Electroni announced that it was seeking a commentator with excellent Arabic for its videos and asked candidates to apply to its Telegram bot.[14]
The recruitment notice referring candidates to Jaysh Al-Malahim Al-Electroni's Telegram bot
A pro-ISIS Telegram bot warned, on August 3, that intelligence and "Rafidites" Shi'ites had infiltrated pro-ISIS groups on Telegram and were creating fake accounts under the names of genuine ISIS supporters. It named three specific Telegram accounts claiming to be pro-ISIS that it said were actually run by Shi'ites.[15]
Underlining how bots are energizing jihadis' daily social media efforts, on August 5, Jaysh Al-Malahem Al-Electroni released a poster titled "We Remain in the Media Battle, Victorious." It depicts an armed fighter with the logos of Telegram, Instagram, Facebook, Pinterest, LinkedIn, YouTube, and Twitter.[16]
As early as 2015, when it was estimated that bots made up over half of all Internet traffic, ISIS was already known to have created thousands of Twitter bots to disseminate violent content, raise funds, and recruit supporters, as well as jamming activist communication on the platform, silencing their opponents on Twitter.[17] The bots latched onto trending hashtags to send out a stream of pro-ISIS messages a tactic adopted by ISIS as early as 2014[18] with the aim of inserting ISIS into ongoing conversations on different topics. Following the November 2015 Paris ISIS attacks, the international hacktivist group Anonymous launched a campaign against ISIS bots across the Internet under the hashtag #opISIS, shutting down over 25,000 of them within a month.[19]
After ISIS leader Abu Bakr Al-Baghdadi was killed by U.S. forces in late October 2019, Mustafa Ayad, a terrorism researcher at the London-based Institute for Strategic Dialogue, noticed on Twitter that many ISIS tweets were being posted faster than humanly possible. Accounts posting them that were suspended quickly returned with slight changes in usernames to avoid detection, while other accounts posting the content appeared to have been hacked. Twitter said that between January and July 2019 it had suspended more than 115,000 accounts for terrorism-related violations.[20] Telegram CEO Pavel Durov has stated that he takes steps to remove jihadi accounts and content on the platform, and has on occasion taken limited action to do so, but the accounts generally return.
A May 20 virtual forum held by the House Homeland Security Committee tackled the question of whether the coronavirus pandemic is fueling extremism on social media. Session co-host Rep. Max Rose, chairman of the Intelligence and Counterterrorism Subcommittee, said: "Terrorists' use of the Internet has been magnified by this public health crisis, with social media and gaming platforms increasingly being used for recruitment and propaganda here and around the world particularly as people spend more and more time online at home."[21] Bots are one technology that makes spreading that misinformation and messaging easier for extremist groups.
The MEMRI JTTM Team: For Over Two Years, Monitoring Bots Spreading ISIS Content On Telegram
As part of the work of the Cyber Jihad Lab team, which studies terrorists' use of technology, and of the MEMRI Jihad and Terrorism Threat Monitor (JTTM) team, over the past two years both teams have documented and identified the accounts in this report on the encrypted messaging app Telegram that are using bots. In October 2019, Telegram's @ISISWatch channel claimed to have blocked 7,431 terrorist bots and channels, many of which were used to launch campaigns for fundraising using cryptocurrency.[22] @ISISWatch was created the day after MEMRI exposed Telegram as ISIS's and jihadis' "app of choice" in a report published December 23, 2016 a report that made the front page of The Washington Post.[23] At that time, ISISWatch stated that Telegram "actively bans ISIS content on Telegram," that it was shutting down "an average of 70 ISIS channels" each day, and that between September and December 2016 it had shut down nearly 8,000 "ISIS bots and channels."[24] Nevertheless, Telegram remains a haven for jihadi communications, outreach, recruiting, and other activity even though the ISISWatch channel continues to report daily on terrorist bot and channels it claims to have removed.
Creating Bots On Telegram
Telegram allows users to create bots for sending, responding to, and otherwise managing messages, news, and notifications. They can also be used to manage digital assets such as cryptocurrencies.[25] Telegram's @BotFather tool walks users through the process quickly and easily, and provides support for questions connected to the process.[26]
To create a bot, the user first searches for @BotFather on Telegram, and then clicks on it to begin the process:
The user is then asked to create a name and username for the new bot. Once this is done, Telegram generates a unique link to the bot where the user can add a description, about section, and profile picture, and directs the user to a list of commands that it can be programmed to carry out.
To view a video of the creation of a Telegram bot, click here or below:
JIHADI USE OF BOTS ON THE ENCRYPTED MESSAGING PLATFORM TELEGRAM
Telegram's popularity among jihadis over the past five years has been well documented; for example, since 2015,[27] the Islamic State (ISIS) has used it in an official capacity, to disseminate calls for violence and share detailed instructions on how to carry out terrorist attacks, and to coordinate attacks an early example being the 2015 Paris attacks.[28]
ISIS, Al-Qaeda, and other jihadi organizations as well as their supporters are using bots on Telegram to disseminate their messaging in a variety of languages. They can be created in a chat or channel to allow them to connect with users. The bots can handle messages, with group members conversing with the bot as with a human. The MEMRI JTTM has been monitoring jihadi bots on Telegram since 2015.[29]
The examples below show how jihadi organizations ISIS, Al-Qaeda, Hay'at Tahrir Al-Sham (HTS), the Somali Al-Qaeda affiliate Al-Shabab Al-Mujahideen, the Gaza-based Jaysh Al-Ummah, and Kashmiri jihadi groups and their supporters, and other jihadis, are using bots on Telegram for a wide range of purposes.
While one major use is for mass dissemination of official notifications, publications, and video productions, these groups also use bots designed to allow users to access archives of jihadi content produced by groups and media organizations. The archives were found to include content from Turkestan Islamic Party (TIP), Voice of Islam, Al-Qaeda in the Arabian Peninsula's (AQAP) Al-Malahem Foundation, Libyan Al-Rayah Foundation, Al-Shabab's Al-Kata'ib Foundation, Al-Qaeda In The Islamic Maghreb's (AQIM) Al-Andalus Foundation, Al-Qaeda media group Global Islamic Media Front (GIMF), Group for the Support of Islam and Muslims (GSIM) Al-Zalaqah Foundation, and Jabhat Al-Nusra's (JN) Al-Manarah Al-Bayda' Foundation.
Also found in the archives was content from jihadi factions in Syria, Iraq, Chechnya, Bosnia, Egypt, Tunisia, and Libya, and from jihadi leaders past and present, including Osama bin Laden, Al-Qaeda leader Ayman Al-Zawahiri, HTS leader Abu Muhammad Al-Joulani, and Syria-based cleric Abdullah Al-Muhaysini.
Bots used by jihadis also allow users to request information and publications and register for courses, for example for physical fitness and bombmaking; solicit documents for later publication; submit and answer questions about migrating to Syria or Iraq, about technology, and about other subjects; widely share links to new Telegram channels following shutdowns; share tutorials on cyber security; use and hack accounts on social media platforms; recruit volunteer translators, video editors, and others; request donations for poor families, including families of slain jihadis; announce new accounts in multiple languages; promote causes such as supporting or freeing women from Al-Hol camp in Syria; and even convey holiday wishes.
This report documents the past two years of the JTTM's monitoring of jihadi use of bots for recruiting, fundraising, plan hacking and terror attacks, and more. It includes their use by major terrorist groups ISIS, Al-Qaeda, and others and by the most influential hacking groups and cyber activists. This use of bots a sophisticated tool made readily available to the public of social media users is a sign of what is to come: Jihadi groups will be using them much more in the future, and the West needs to be prepared to stop this before it happens.
ISLAMIC STATE (ISIS)
Planning Attacks, Sharing Information On Training, Bombmaking, And Weapons, Disseminating News, And Recruiting
The pro-ISIS Nasr News launched a new Telegram bot distributing official ISIS news in the Indonesian language: @NN20id_bot.[30]
On March 18, 2020, pro-ISIS Al-Tamkin Box launched a new Telegram bot, @Nooooooooods_bot, which distributes official ISIS news reports, official and unofficial videos, the Al-Naba' weekly, and articles by Al-Tamkin.[31]
JTTM subscribers can click here to view the full report
*Steven Stalinsky is Executive Director of MEMRI; R. Sosnow is Head Editor at MEMRI.
[1] Voxprogroup.com/iot-and-ai/ai-machine-learning-and-bots-whats-it-all-about, May 2017.
[2] Cdn2.hubspot.net/hubfs/53/assets/hubspot.com/research/reports/What_is_a_bot_HubSpot_Research.pdf?t=1492209311951, accessed July 30, 2019.
[3] Blog.hootsuite.com/facebook-messenger-bots-guide, May 9, 2019.
[4] Chatbotslife.com/how-to-make-a-twitter-bot-841b20655328, January 9, 2018.
[5] chatbotsmagazine.com/a-step-by-step-guide-to-creating-whatsapp-chatbot-for-business-275dc3924b17, May 14, 2019.
[6] Us.norton.com/internetsecurity-malware-what-is-a-botnet.html.
[7] Nytimes.com/2020/06/16/technology/chatbots-quarantine-coronavirus.html, July 16, 2020.
[8] Us.norton.com/internetsecurity-malware-what-is-a-botnet.html.
[9] Nbcnews.com/tech/tech-news/trump-s-artificial-intelligence-order-lacks-funding-not-target-china-n970406, February 11, 2019.
[10] Whitehouse.gov/ai/executive-order-ai/.
[11] Nytimes.com/2018/08/26/technology/pentagon-artificial-intelligence.html, August 26, 2018.
[13] Telegram/ Ghiras11bot, July 20, 2020.
[14] Talk.gnews.bz/channel/news-akhbar?msg=2yweGevZj58h2gpci, July 23, 2020.
[15] Telegram/ UI_BXH_X_BOT, August 3, 2020
[16] Telegram/ Al_MalahemCyberArmybot, August 5, 2020.
[17] Imperva.com/blog/bot-traffic-report-2014/, December 18, 2014.
[19] Businessinsider.com/anonymous-battles-isis-political-bots-2015-12, December 14, 2015.
[20] Npr.org/2019/11/01/775509366/twitter-struggling-to-shut-down-bot-and-impersonation-accounts-created-by-isis, November 1, 2019.
[21] Homelandprepnews.com/stories/49829-social-media-companies-must-use-ai-to-thwart-extremist-content-experts-tell-congressmen, May 27, 2020.
[22] Decrypt.co/11229/us-and-australian-officials-concerned-over-terrorist-cryptocurrency-use,November 7, 2019.
[25] Core.telegram.org/bots, accessed July 30, 2019; Coinrivet.com/what-is-a-cryptocurrency-telegram-bot, June 20, 2019.
[26] Core.telegram.org/bots/api, accessed July 30, 2019.
[28] See MEMRI report Germany-Based Encrypted Messaging App Telegram Emerges As Jihadis' Preferred Communications Platform Part V Of MEMRI Series: Encryption Technology Embraced By ISIS, Al-Qaeda, Other Jihadis September 2015-September 2016, December 23, 2016; MEMRI Daily Brief No. 192, Fears About New Facebook Cryptocurrency Are Overblown While Main Threat Of Criminal Activity On Telegram App Is Being Criminally Ignored, July 16, 2019; MEMRI Daily Brief No. 161, As Momentum Builds To Solve Problem Of Encrypted Terrorist Communications, A Possible Third Way Emerges, May 24, 2019; MEMRI Daily Brief No. 174, The Cryptocurrency-Terrorism Connection Is Too Big To Ignore, January 3, 2019; MEMRI Inquiry and Analysis No. 1387, The Imminent Release Of Telegram's Cryptocurrency, ISIS's Encryption App Of Choice An International Security Catastrophe In The Making, March 30, 2018; Congressional letter to Telegram CEO Durov, Memri.org/pdf/20181025_Telegram_sherman-Poe.pdf.
[29] Rsis.edu.sg/rsis-publication/cens/co15256-telegram-and-is-a-potential-security-threat/#.XUCPdOhKiUk, November 25, 2015.
[31] Telegram/ Ma Lakum Kayfa Tahkumun, March 18, 2020.
Originally posted here:
Jihadi Use Of Bots On The Encrypted Messaging Platform Telegram - Middle East Media Research Institute
