Popularity purchasers who buy fake ‘likes’ on social media could be hiring criminal botnets

fake social media likes botnet fraud pixelated unrecognizable faceless hooded cyber criminal man using digital tablet in cybe
stevanovicigor / 123RF Stock Photo
Instant “social proof” via purchased social media likes and followers isn’t the sweet deal it may seem. Celebrities, performers, politicians, new businesses, or anyone else buying big bundles of fake followers are unknowingly paying cybercriminals who are using a botnet of hijacked Internet of Things (IoT) smart home devices to procure those social media numbers. The so-called “ego market” is becoming a lucrative, low-risk criminal enterprise.

GoSecure, a Canadian cybersecurity team gave a presentation at Black Hat Europe 2016 presentation on the ego market and its ties to botnets and cybercrime, reports International Business Times.

After the DDoS (Distributed Denial of Service) attack on DNS service provider Dyn  in late April, it was discovered that a large portion of the attacking systems likely consisted of hijacked IoT devices in people’s homes. Easy-to-hijack IoT smart home devices such as home thermostats, WiFi cameras, baby monitors, and garage door openers were used to barrage the Dyn servers, resulted in the overloading of major sites and the slowing of the internet. Suddenly, many more people understood that botnets were dangerous tools used by cyber criminals that could work through hijacked home devices owned by unknowing, innocent people.

But not all cyber criminals set up and unleash botnets to run high-profile attacks. According to GoSecure, the Linux/Moose botnet isn’t used for DDoS attacks or to target people or political causes. Businesses that sell fake social media likes and followers, especially on Instagram, use the Linux/Moose botnet to send new account requests and then follow or like the users who pay for fake likes and followers in bulk.

According to the report, the current rate for 10,000 new Instagram followers is $112.67. It costs $158.99 for 10,000 likes. When GoSecure reverse engineered Linux/Moose, they found it used IoT home routers to set up the fake accounts. According to their sleuthing, GoSecure found that each individual device on the botnet was responsible for approximately 1,186 Instagram followers each month, generating the company up to $13.05. That may not seem like much, but when you start multiplying by tens of thousands of devices, or ‘bots,’ the dollars add up fast. When they ran the numbers for Linux/Moose, GoSecure found that the botnet could earn close to $700,000 a month selling batches of fake followers and likes.

With this business model, Linux/Moose stayed under the radar of criminal investigative groups more focused on denial of service and other forms of malicious attacks. The companies that use the botnet advertise openly and even accept credit cards and PayPal payments.

“It looks legitimate. The criminals make money and they probably declare taxes on it, but it’s all happening on a botnet,” GoSecure’s cybersecurity research head Oliver Bilodeau told International Business Times U.K. “There’s no direct victims to the crime. This is the next thing the criminals are moving to because there’s a low risk of getting caught and even if they do get caught, the damages would be complicated to explain to the judge. It’s a very clever scheme, quite a perfect cybercrime.”

The irony is that purchased fake followers are eventually detected and flagged as spam by social media networks. To protect your own home devices from botnet hijacking, read this article.

News

Fortnite does whatever it takes in upcoming Avengers: Endgame crossover

Following up the popular and successful Infinity War crossover where players put on the Infinity Gauntlet to become Thanos, it looks like players will be grabbing Captain America's shield in the lead-up to Avengers: Endgame this week.
Smart Home

Can new laws protect you from smart home security breaches?

To help combat smart home data breaches, state and federal lawmakers are exploring ways to protect consumers. California, Oregon, and members of the U.S. Senate all have proposals to protect people's data.
Emerging Tech

NASA chooses a special spot for its next crewed moon landing

Following the U.S. government's announcement last month of a desire to see American astronauts set foot on the moon again in the next five years, NASA has revealed a location on the lunar surface where it would most like to land.
Deals

Amazon and Best Buy halve the price of the Facebook Portal for Mother’s Day

Amazon and Best Buy both cut the price in half for the Facebook Portal smart display for Mother's Day. The Portal's smart camera will follow you as you move around the room during video calls. The Portal also has Amazon Alexa built in.
Social Media

LinkedIn: Now you can express love, curiosity, and more with new Reactions

LinkedIn is following in the footsteps of Facebook (three years later!) with the rollout of new reactions that give users more ways to express themselves when responding to posts in their feed.
Social Media

Twitter’s experimental Twttr app is even more popular than the real thing

Twttr, the new app that lets regular Twitter users test new features, is proving more popular than the main app, according to the company. The revelation suggests some of the innovations may land for all Twitter users soon.
Social Media

Messenger and Facebook, together again? Facebook tests integrating chats

Longing for the old days where Facebook and Messenger were one app? Facebook is testing an integrated chat option. While Messenger remains more feature-rich, the test brings some chat functionality back into the Facebook app.
Social Media

How to download Instagram Stories on iOS, Android, and desktop

Curious about how to save someone's Instagram Story to your phone? Lucky for you, it can be done -- but it does take a few extra steps. Here's what you need to know to save Instagram Stories on both iOS and Android.
Social Media

Facebook, Instagram, and WhatsApp went down worldwide for 2 hours this morning

Chaos erupted on the internet this morning, as Facebook, Instagram, and Whatsapp all went down from 6:30 a.m. to approximately 9 a.m. Thousands of users were unable to access the sites or send or receive Whatsapp messages.
Mobile

Skype screen sharing for mobile will let you share your swipes on dating apps

Skype is prepping the launch of screen sharing for mobile so you can share your swipes on dating apps, shop with buddies, or, perhaps, show a PowerPoint presentation to coworkers. It's in beta just now, but anyone can try it.
Social Media

Facebook toys with mixing Stories and News Feed into one swipeable carousel

Facebook's News Feed could look a lot like Stories if a prototype the social media giant is working on rolls out to users. The design change mixes Stories and News Feed posts into a full-screen slideshow that users swipe left to navigate.
Social Media

No more moon showers as Facebook Messenger’s dark mode gets official rollout

Facebook Messenger launched a dark mode last month, but to activate it you had to message the crescent moon to someone. Now it's been rolled out officially, and it can be accessed in a far more sensible way — via settings.
News

Twitter has revealed a launch date for its handy hide replies features

Twitter has revealed a launch date for a feature that lets users hide replies to their tweets. The hope is that it will help the original poster filter out offensive or irrelevant content from conversation threads.
Smart Home

Oh, Zuck, no! Facebook rumored to be creating a voice assistant to rival Alexa

Facebook hasn't been a big player in the smart speaker market, but that may be changing: The social media giant is reportedly working on a digital assistant to compete against Alexa and others.