Hackers Modify Zeus to Create Bogus Social Media Buzz

Researchers at RSA, as reported by Reuters, have uncovered a reboot of the Zeus financial crimeware Trojan, now modified to generate bogus buzz by creating “likes” and followers on Instagram. The likes and followers are being sold in batches of 1,000 in underground hacker forums, alongside credit card data and personal information on consumers.

The pricing is indicative of the value of the goods: $15 will get you 1,000 Instagram followers, while 1,000 Instagram "likes" go for $30. In comparison, RSA noted that 1,000 credit card numbers cost just $6.

While fraudsters in the past have sold sham social media activity for profit, it has thus far been done the old-fashioned way: clicking on the “like” button. This Zeus variant is the first malware-based approach to the practice. According to RSA, Zeus sets up a botnet just as it does for stealing credit card data, and uses the bots to post. Of course, it’s also a convenient backdoor for infecting machines with additional, more dangerous malware later down the line.

"The accounts are always just a means to an end. The criminals are always looking to profit," UC Berkeley computer security expert Chris Grier told Reuters.

Facebook bought Instagram last year for $1 billion and is in the process of integrating it into its operations. Soon, Instagram’s 130 million active users will have the same security measures as the 1.2 billion-user-strong Facebook population. In the meantime, spokesman Michael Kirkland cautioned users to be on the lookout for suspicious activity on the social network.

"We work hard to limit spam on our service and prohibit the creation of accounts through unauthorized or automated means," Kirkland told Reuters.
