Apparent Spambot Manpulation - "Loli" and "#nsfwtw" Trending on Twitter

Yep. You read that right.


Normally I’d be neutral to, or even delighted, to see this, but I can’t afford myself that luxury.

It seems that the tag was included in a coordinated spambot manipulation of Twitter’s trending algorithms, which seems to be part of a larger, more sophisticated spam attack, one that had been observed on Mastadon instances like Pawoo and Baraag.

Baraag is definitely more well-managed in terms of moderation capacity, or perhaps those in charge of that node had the foresight to identify where and how these bot attacks were occurring, and took steps to preemptively repel them.

Pawoo, on the other hand, is still dealing with it on their part, but they have taken steps to reduce it to a level that can be sifted thru by end-users and reported manually.


With Twitter, though, at first I was deeply concerned since a lot of the users there wouldn’t even know what this is, and would likely conflate fictional cartoons with abuse material, but thankfully it seems users were quick to figure it out and relay it to one another.

The immense amount of backlash, as well as general discourse with the letters “loli” (lots of Spanish tweets here) and users violating Twitter’s Rules by posting loli/shota artwork, has contributed to a snowball effect that kept Loli trending for the latter half of the night. Many users were disgusted to find what had happened, and I’m sure some engineers over at Twitter will reconsider how their trending system works, since it has been shown to be prone to bot manpulation in the past.

At first, I was under the impression that it was trending due to Vtuber/Hololive drama, or something to that effect, or maybe a famous artist or influencer had said something, or shown off their hentai collection. What I was disappointed to find, though, was something far more nuanced and technical, but significantly unfortunate.


In any case, though, I figured this is worth posting about here because it shows how vulnerable legal, harmless, and safe materials like loli/shota can be co-opted by less-than-faithful and nefarious groups. This isn’t to say that loli/shota should be regulated, or that this represents an intrinsic relationship with illegal activity, in fact, far from it. The overwhelming consensus among users of these users is one of disdain and disgust at how their hobby is being co-opted and they all worry how this may appear to both authorities and regulators, as well as general on-lookers.

I say this because legal pornography is being co-opted into this as well, as many bot posts ask to be sent anything, ‘legal or illegal’.
It’s not just bot accounts, a lot of the accounts posting these messages seem to have belonged to legitimate users who have had their account information compromised and absorbed into the network of spambots. If you’ve ever had a friend or relative on social media reach out to you with what was obviously a scam, then you might better understand how this is working. But given the overall implications of this, I fear the worst for those who’ve been affected by this.

In spite of this, though, I can’t say I’m all that emotionally affected by this.
I believe it’s part of a coordinated spam-bot effort to infect users with malware and steal information, rather than distribute CSAM, but I could be wrong on that front. This IS still cybercrime, even if they’re roping in child pornographers.

To reiterate my intentions with making this post, it’s to make it clear to everyone that loli/shota is NOT integral to the distribution of CSAM, nor tangentially related. The market for harmless fictional materials (like lolicon or CGI materials) is distinct from the market for CSAM.

These are all bots, this is not the product of some organic underground market or scene. The fact that they all repeatedly say “DM me”, rather than messaging those who respond to their posts, is an indicator that they’re all bots.

To my knowledge, simply posting/sharing lolicon artwork on Twitter will only result in an account termination, at least in the US. Twitter includes rules prohibiting it in their CSE policy, but I’ve always kept a close eye on that part of Twitter and noticed that those who are banned for sharing/positng it always return under a different alias, with those who dabble in the sexual exploitation of real children who never seem to return (and rightfully so).

Still. I don’t recommend violating their ToS. There are other places which allow it and work with Law Enforcement to monitor and remove illegal CSAM while still enabling artistic expression.


It seems that I neglected to mention that “#nsfwtw” is also included in this…with identical spambots. Huh.


I’m surprised to see the Prostasia forum comment on this. I noticed that CSAM links were being posted all over the place: AllTheFallen, Baraag, Mastodon, Pawoo, Pixiv, etc. So many fucking CSAM links. I think you’re on the money that this was a scam: one unfortunate idiot took the bait, gave their information to the site, wound up with their bank account in the negatives. Fucking yikes. Distributing CSAM to lure in and rob people, the greed is palpable, fucking insidious…


So long as it gets reported/removed whenever it appears, that’s the issue.

And really?? ATF? I was under the impression that they were a walled garden, so if any spam actually made it through, I’m sure it wouldn’t last long.

Pawoo and Pixiv seem to have the hardest time with it all, whereas Baraag appears to have already found a solution to it, be it the form of implementing simple spam filters or outright blocking registration/posting from the IP ranges of the botnets.

It genuinely worries me to see them use the word “#loli” though, because that use might make people seriously think that loli is a vernacular for real child when that never was the case.

1 Like