The Zeus virus, originally made to steal credit card data, is now being used to create bogus Instagram accounts that can “like” businesses on the popular service — if those businesses pay for the privilege.
August 17, 2013 1:05 PM PDT
“Our prices are unmatchable! What are you waiting for?”
(Credit: Screenshot by Edward Moyer/CNET)
Would you pay $30 for a thousand bogus “likes” on Instagram? Apparently some buzz-seeking businesses would.
Reuters reports that hackers are selling rigged Instagram endorsements, and that to create these supposed indicators of a company’s cool factor, they’ve rejiggered a virus originally designed to steal credit card numbers.
And get this: the endorsements sell for more than the credit card info.
Reuters cites security company RSA in reporting this new use for the Zeus virus — malware that can be secretly slipped onto millions of computers to create a botnet, or army of “zombie” machines, that can do the hackers’ bidding. (Last year, Microsoft launched an effort to wipe out a Zeus-related crime ring that had allegedly ripped off more than $100 million with the help of about 13 million zombie PCs.)
According to an RSA blog item earlier in the week, an unusual variant of the Zbot Trojan malware is being used to create battalions of fake Instagram users that can like and follow a given business or Instagram user and make a new product or personality seem popular.
Fake Instagram endorsements are sold in online hacker forums in batches of a thousand, Reuters says — with followers going for $15 a batch and likes going for $30 a batch. Credit card numbers reportedly go for as little as $6 a batch.
RSA notes that an online search for “Purchase Instagram Followers” reveals several services that sell these bogus endorsements — and indeed that’s true, with a variety of prices cropping up, along with typical sales slogans such as “Delivery from 24 hr!” and “our prices are unmatchable!”
RSA notes that bogus followers are nothing new (in fact, we reported in a 2011 post that none other than Newt Gingrich had been accused of buying fake Twitter followers) but that this seems to be the first time a Zeus variant has set its sights on Instagram.
An Instagram representative sent us the following statement late Saturday:
We work hard to limit spam on our service, and prohibit the creation of accounts through unauthorized or automated means. We encourage people to report such accounts through the report links we provide in our apps and on our site. We process these reports through our operations team, and this information helps inform our site integrity systems.
These technical systems also flag and block potential fake accounts based on anomalous site activity.
Additionally, we employ robust systems to address accounts compromised through malware and phishing, which helps keep the number of fake accounts low.
Update, 5:10 p.m. PT: Adds statement from Instagram.