Thousands of fake accounts on popular social media platforms like Instagram, Twitter, YouTube and Periscope have been created by hackers through an IoT botnet, using the Linux/Moose malware. According to security researchers the fake social media accounts are created by hackers to randomly follow people and browse content, in efforts to make the bots seem more “human” and avoid spam filters.
What is this IoT botnet?
The Linux/Moose botnet is a “new generation” IoT botnet that operates on embedded systems such as routers, rather than computers. This makes the bot much more difficult to detect. The botnet can function on even limited computational power and specializes in social media fraud.
Over 86% of Linux/Moose traffic was found directed towards Instagram, 8% towards Twitter an 3% towards Periscope, YouTube, Kiwi and Flipgram. Researchers also found email account creation requests sent to Gmail and Yahoo. The botnet created over 1,700 fake accounts on Instagram, were 72% of the accounts were suspended by Instagram.
However these accounts use random numbers and letters as their usernames and have generic images such as those of plants, buildings, landscapes or animals as their profile pictures. The accounts also do not post anything and have no followers. The researchers also estimated that the potential revenue of a Linux/Moose bot was “$13.05 per month”.