Popularity purchasers who buy fake ‘likes’ on social media could be hiring criminal botnets

fake social media likes botnet fraud pixelated unrecognizable faceless hooded cyber criminal man using digital tablet in cybe
stevanovicigor / 123RF Stock Photo
Instant “social proof” via purchased social media likes and followers isn’t the sweet deal it may seem. Celebrities, performers, politicians, new businesses, or anyone else buying big bundles of fake followers are unknowingly paying cybercriminals who are using a botnet of hijacked Internet of Things (IoT) smart home devices to procure those social media numbers. The so-called “ego market” is becoming a lucrative, low-risk criminal enterprise.

GoSecure, a Canadian cybersecurity team gave a presentation at Black Hat Europe 2016 presentation on the ego market and its ties to botnets and cybercrime, reports International Business Times.

After the DDoS (Distributed Denial of Service) attack on DNS service provider Dyn  in late April, it was discovered that a large portion of the attacking systems likely consisted of hijacked IoT devices in people’s homes. Easy-to-hijack IoT smart home devices such as home thermostats, WiFi cameras, baby monitors, and garage door openers were used to barrage the Dyn servers, resulted in the overloading of major sites and the slowing of the internet. Suddenly, many more people understood that botnets were dangerous tools used by cyber criminals that could work through hijacked home devices owned by unknowing, innocent people.

But not all cyber criminals set up and unleash botnets to run high-profile attacks. According to GoSecure, the Linux/Moose botnet isn’t used for DDoS attacks or to target people or political causes. Businesses that sell fake social media likes and followers, especially on Instagram, use the Linux/Moose botnet to send new account requests and then follow or like the users who pay for fake likes and followers in bulk.

According to the report, the current rate for 10,000 new Instagram followers is $112.67. It costs $158.99 for 10,000 likes. When GoSecure reverse engineered Linux/Moose, they found it used IoT home routers to set up the fake accounts. According to their sleuthing, GoSecure found that each individual device on the botnet was responsible for approximately 1,186 Instagram followers each month, generating the company up to $13.05. That may not seem like much, but when you start multiplying by tens of thousands of devices, or ‘bots,’ the dollars add up fast. When they ran the numbers for Linux/Moose, GoSecure found that the botnet could earn close to $700,000 a month selling batches of fake followers and likes.

With this business model, Linux/Moose stayed under the radar of criminal investigative groups more focused on denial of service and other forms of malicious attacks. The companies that use the botnet advertise openly and even accept credit cards and PayPal payments.

“It looks legitimate. The criminals make money and they probably declare taxes on it, but it’s all happening on a botnet,” GoSecure’s cybersecurity research head Oliver Bilodeau told International Business Times U.K. “There’s no direct victims to the crime. This is the next thing the criminals are moving to because there’s a low risk of getting caught and even if they do get caught, the damages would be complicated to explain to the judge. It’s a very clever scheme, quite a perfect cybercrime.”

The irony is that purchased fake followers are eventually detected and flagged as spam by social media networks. To protect your own home devices from botnet hijacking, read this article.

Home Theater

FCC filing leaks smaller Samsung Galaxy Home before the first one even launches

Samsung's promised entry into the A.I.-powered smart speaker race, the Galaxy Home, is still nowhere to be seen. But that isn't stopping the company from planning a follow-up device, which will be smaller, and likely cheaper.
Home Theater

Plex is free and easy, and you'll wonder how you survived without it

If you want a Netflix-like experience for the media you already own, you need Plex. It's the free media center software that automatically catalogs and plays your movies, music, photos, and more, on your TV. Here's how to use it.
Social Media

Millions of Instagram influencers reportedly had private data exposed online

As many as 49 million Instagram influencers have reportedly had their private data exposed in an online database that had no password protection. The database was apparently created by a marketing firm and has been taken offline.
Social Media

Help wanted: British royal family seeks social media wiz to run its accounts

The British royal family is looking for a social media expert to help it communicate its role and activities to the masses. So if you like the idea of having the Queen as your boss, why not throw your hat in the ring?
Social Media

Instagram ditches plans for stand-alone Direct messaging app

Instagram is shuttering it's stand-alone messaging app, Direct, after testing it since 2017. While the messaging features remain intact inside Instagram, the separate app will be discontinued in the next few weeks.
Social Media

6 easy ways to archive all of your favorite Instagram videos

Saving Instagram videos should be just as easy as taking a screenshot. So, we've put together a list of the best apps and tools that save your favorite Instagram videos onto your phone or computer.
Social Media

Instagram’s new Explore grid tempts you to open your wallet

Instagram has made some changes to its Explore tab that might tempt you into the occasional shopping spree. It's also planning to add Stories to the grid, mixing them up with the existing photos and videos.
Social Media

Be the master of your own Insta-verse with multiple Instagram accounts

Whether you own a small business or have separate Instagram accounts for your five cats, we'll walk you through the process of switching between your multiple accounts on your Apple or Android devices.
Social Media

A fond farewell to Grumpy Cat, the internet’s most famous feline

We say farewell and fondly remember Grumpy Cat, the internet's famous frowning feline and a genuine sweetheart, who died at the age of seven. Even tempered and tolerant, Grumpy Cat was in real life the opposite of her online persona.
Mobile

Treat your selfie with one of these 13 apps made to beautify your pics

Selfies might be a phenomenon second only to karaoke, but they're not the easiest thing in the world to create. Thankfully, these awesome selfie apps for Android and iOS will make beautifying your self-portraits easier than capturing them.
Web

Creators of WhatsApp attack software face lawsuit from Amnesty International

This week a spyware attack was launched on WhatsApp. Now the Israeli firm linked to that attack is facing a lawsuit from human rights NGO Amnesty International, alleging their software has been used to surveil human rights defenders.
Mobile

New York could dish out fines for texting while crossing the street

Do you text on your phone while crossing the street? The dangers of stepping out in front of a car or bus are obvious, but in New York, offenders could soon face a fine of as much as $250, too.
Social Media

Twitter co-founder Ev Williams still wants to save the world

Social media is evil, leading to a mental health crisis in Gen Z and a rise in hate speech. But there’s light at the end of the tunnel, says Ev Williams, the co-founder of Twitter. But weaning ourselves off today's social media won't be…
Social Media

Facebook gets a bad rap, former exec says, but we should break it up anyway

The rise of hate speech, the trolling, the comment on Facebook? Not Facebook's fault, says Alex Stamos, the social network's former chief security officer. But the site should still be broken up, he says.