The perfect cybercrime: selling fake followers to fake people
By
Hackers are recruiting the internet of things into a botnet. But this time they’re not trying to take down the internet. They’re just using them to make fake social media accounts – which they can then sell to online narcissists to make an easy buck.
Masarah-Cynthia Paquet-Clouston, a criminologist with the University of Montreal, and Olivier Bilodeau, a cybersecurity researcher at Montreal-based company GoSecure, have uncovered a large botnet that recruits everyday devices such as connected toasters, fridges or even your grandmother’s router to help commit social media fraud. They think that this stealthy, lucrative scheme is a glimpse into the future of low-level cybercrime.
Bilodeau had been tracking the Linux/Moose malware, which infects routers and other smart devices to turn them into a botnet, for a few years when it went dormant.
He suspected the malware was still out there and evolving, so he teamed up with Paquet-Clouston to lure the new variant into a trap. They created a honeypot – a virtual device disguised to look like a poorly secured router. When the malware tried to infect the device, they gained access to the botnet so they could study the scheme. The researchers presented their work at the Black Hat Europe security conference in London on Friday.
Botnets may be best known for spam, ad fraud or distributed denial of service (DDoS) attacks like the one thatbrought down many major websites last month. But the Linux/Moose botnet has a different job – directing traffic to social media sites.
The botnet operator uses the internet of things to cover their tracks so that social media accounts they create aren’t immediately flagged as bogus. “Usually when a social network sees thousands of users coming from a single IP address, it’s a red flag for fake accounts,” Paquet-Clouston explains.
Once the botnet has grandma’s router under its control, it uses the device as a proxy to make it look like its traffic is coming from that router’s “clean” IP address when it visits a social media site to make a new account.
Read More Story: https://www.newscientist.com/article/2111613-the-perfect-cybercrime-selling-fake-followers-to-fake-people/
Leave a Reply