Skip to main content

Popularity purchasers who buy fake ‘likes’ on social media could be hiring criminal botnets

faceless hacker in a black hoody
stevanovicigor / 123RF Stock Photo
Instant “social proof” via purchased social media likes and followers isn’t the sweet deal it may seem. Celebrities, performers, politicians, new businesses, or anyone else buying big bundles of fake followers are unknowingly paying cybercriminals who are using a botnet of hijacked Internet of Things (IoT) smart home devices to procure those social media numbers. The so-called “ego market” is becoming a lucrative, low-risk criminal enterprise.

GoSecure, a Canadian cybersecurity team gave a presentation at Black Hat Europe 2016 presentation on the ego market and its ties to botnets and cybercrime, reports International Business Times.

After the DDoS (Distributed Denial of Service) attack on DNS service provider Dyn  in late April, it was discovered that a large portion of the attacking systems likely consisted of hijacked IoT devices in people’s homes. Easy-to-hijack IoT smart home devices such as home thermostats, WiFi cameras, baby monitors, and garage door openers were used to barrage the Dyn servers, resulted in the overloading of major sites and the slowing of the internet. Suddenly, many more people understood that botnets were dangerous tools used by cyber criminals that could work through hijacked home devices owned by unknowing, innocent people.

But not all cyber criminals set up and unleash botnets to run high-profile attacks. According to GoSecure, the Linux/Moose botnet isn’t used for DDoS attacks or to target people or political causes. Businesses that sell fake social media likes and followers, especially on Instagram, use the Linux/Moose botnet to send new account requests and then follow or like the users who pay for fake likes and followers in bulk.

According to the report, the current rate for 10,000 new Instagram followers is $112.67. It costs $158.99 for 10,000 likes. When GoSecure reverse engineered Linux/Moose, they found it used IoT home routers to set up the fake accounts. According to their sleuthing, GoSecure found that each individual device on the botnet was responsible for approximately 1,186 Instagram followers each month, generating the company up to $13.05. That may not seem like much, but when you start multiplying by tens of thousands of devices, or ‘bots,’ the dollars add up fast. When they ran the numbers for Linux/Moose, GoSecure found that the botnet could earn close to $700,000 a month selling batches of fake followers and likes.

With this business model, Linux/Moose stayed under the radar of criminal investigative groups more focused on denial of service and other forms of malicious attacks. The companies that use the botnet advertise openly and even accept credit cards and PayPal payments.

“It looks legitimate. The criminals make money and they probably declare taxes on it, but it’s all happening on a botnet,” GoSecure’s cybersecurity research head Oliver Bilodeau told International Business Times U.K. “There’s no direct victims to the crime. This is the next thing the criminals are moving to because there’s a low risk of getting caught and even if they do get caught, the damages would be complicated to explain to the judge. It’s a very clever scheme, quite a perfect cybercrime.”

The irony is that purchased fake followers are eventually detected and flagged as spam by social media networks. To protect your own home devices from botnet hijacking, read this article.

Bruce Brown
Digital Trends Contributing Editor Bruce Brown is a member of the Smart Homes and Commerce teams. Bruce uses smart devices…
Elon Musk: Owning Twitter has been a ‘roller coaster’ and ‘quite painful’
Elon Musk.

UPDATE: After more than an hour of Musk taking questions and with around 3 million people listening live, the interview came to a close at 10:10 p.m. PT.

Twitter CEO Elon Musk agreed to an interview with the BBC on Tuesday night. It took place at Twitter's headquarters in San Francisco with BBC journalist James Clayton and was streamed live on Twitter Spaces, the platform's audio chatroom feature.

Read more
How to get your share of Facebook’s $750M settlement
Meta, formerly Facebook.

Meta (formerly Facebook) might owe people who used the social media site between 2007 and 2022 some money due to privacy infringement, according to Mashable.

The social media giant has reached a settlement in a class-action lawsuit where it admits no fault in the claims against the company, but has agreed to pay out $725 million in damages. The money is available to all who submit a claim by the appropriate deadline of August 25, 2023. If you are (or were) a Facebook user, here's how to know if you're eligible and get your share of the settlement.
How to know if you're eligible
There are various stipulations you should take into consideration, including that the $725 million award will be truncated after Meta pays its legal and administrative fees. There are also eligibility, filing, and opt-out dates you want to note.

Read more
Instagram finally lets you add multiple links to your bio
3D Instagram icon.

Instagram has finally relented and now offers a simple way to add multiple links to your profile. Before now, you could only have one link in your profile, but on Tuesday, the platform started allowing up to five.

But take note: The links won’t show individually. Instead, only one will appear on your profile, with the others accessible via a link.

Read more