Hackers use virus to create fake ‘likes’ and followers on social media sites

18 Aug, 2013 17:36 / Updated 11 years ago

Hackers are using the Zeus virus to create bogus ‘likes' and followers that purport to come from users of Facebook, Twitter, Instagram, and other social media sites. The scheme is aimed at making products appear more popular.

As social media becomes increasingly more important in shaping the reputations of people and businesses, hackers are using their skills to create false endorsements, according to cyber experts at RSA, the security division of EMC Corp.

Fake ‘likes’ are sold in batches of 1,000 on internet hacker forums. One thousand fake Instagram followers will cost just US$15, while 1,000 ‘likes’ will go for $30. In comparison, 1,000 credit card numbers from a stolen PC cost as little as $6.

Online marketing experts say that people are willing to spend a lot of money to create an internet buzz and sensationalize a product.

“People perceive importance on what is trending. It is the bandwagon effect,” Victor Pan, a senior data analyst with internet marketing and software company WordStream, told Reuters.

Facebook, which has almost 1.2 billion users, insists it is stepping up security at Instagram, which it brought last year for $1 billion. Instagram, which has just 130 million users, will soon have the same security measures as Facebook.

Michael Kirkland, a spokesman for Facebook, encouraged users to be vigilant for suspicious activity and report it through Facebook links and apps.

“We work hard to limit spam on our service and prohibit the creation of accounts through unauthorized or automated means,” Kirkland said.

Fraudsters most commonly use automated software programs to manipulate ‘likes.’ The Zeus virus is the first piece of malicious software found to date, which is being used to post fake endorsements. The virus is normally used to steal credit card data.

The modified Zeus virus controls an infected computer from a central server, which effectively forces the computer to post ‘likes’ for specific users.

According to Don Jackson, a senior security researcher with Dell Secure Works, hundreds of millions of PCs have been infected with Zeus since the virus surfaced just over five years ago.

Online marketing consultant Will Mitchel said that he sometimes advises clients to buy bogus social networking traffic to get their foot in the online door early.

“It’s fine to do for the first 100, but I always advise stopping after that,” said Mitchel.

He went on to explain that one of his clients bought more than 300,000 ‘likes’ on Facebook. “It was just ridiculous, everybody knew what they were doing,” he added.

But whatever the ethics of creating fake accounts, ‘likes,’ and followers, the problem is not going to go away.

“The accounts are always just a means to an end. The criminals are always looking to profit,” said Chris Gear, a research scientist at the University of California at Berkeley, who spent a year working on a team that investigated fake accounts on Twitter.