Hackers are Cashing in on Instagram Likes

They say popularity has its price. This saying holds a new weight when it comes to the growing influence of social media. In fact, your “Likes” may be worth more to hackers than your credit card number. As counterintuitive as it may seem, your social clout has become the new target of hackers. And they’re using some old tricks to get at your virtual valuables. A mutation of the long running Trojan formally used to nab banking information has emerged on Instagram, creating fake “Likes” and “Followers” for parties who are interested in paying up. Let’s take a look at the mutated virus, the demand behind its creation, and what you need to know to protect your personal data.

The diverse uses of the Zeus Trojan have made it one of the largest and longest running malware families around. It originated in 2007 as a Trojan horse (malicious software that is disguised as benign or useful software) used to steal banking information through keystroke logging (recording passwords typed on your keyboard through covert methods) and form grabbing (collecting your sensitive data through forms submitted to a website). Since then, Zeus has continued to evolve, with each viral strain having the primary intent to seize financial data. The latest mutation represents the first piece of malicious software to date that has been used to post false “Likes” on a social network.

Why might a scammer tweak the previously successful Trojan to target social networking accounts over bank accounts? The answer lies in the increasing importance of social media for brand and personal reputation. In today’s digital landscape, social currency is a key to success for many. Companies gain influence and an audience that show a love for their product, and many people on social media have been offered perks for their thousands of followers from big brands that want to tap into their social media influence. The more likes, followers, and shares, the better—and if that means paying for some fake love, many are saying “so be it.”

The exchange of cash for social currency happens on Internet hacker forums, a virtual black market, where the going price for 1,000 Instagram “Followers” is $15 and 1,000 Instagram “Likes” can be bought for twice that amount. A dump of 1,000 credit card numbers, by contrast, can be purchased for as little as $6.

This fraudulent activity is controlled through a central server where the modified version of Zeus infects devices, and forces them to post “Likes” for specific users. These infected devices can also be commanded to engage in other operations or download malicious software. This means that something beginning as a simple Instagram takeover could, in fact, become much more detrimental to your personal security.

Cybercriminals are not likely to let up on social network manipulation any time soon. In fact, the opposite is true. With companies and people willing to pay a premium for a boost in social activity, hackers will continue to find a way to provide it to them. Here are some measures you can take to ensure that your account isn’t the next to be commandeered:

  • Report suspicious activity. If you see any suspicious activity on your account, strange new followers that never comment on your photos, or users that spam your comments section asking you to follow them back, there are simple steps to block these users from your feed and/or report this activity to your social media provider.
    • On Instagram: Click on the user’s profile image and then click on the box with an arrow at the top right of the user’s profile page. Select Block User or Report for Spam. The former simply blocks the user from seeing your content; the latter will send a report to Instagram that you think the user is actually a spam account.
    • On Facebook: On the user’s profile page there is a hovering bar over the user’s cover photo. At the bottom right of that photo click on the dropdown gear box and select “Block/Report.”
    • On Twitter: Go to the profile page of the user you want to report. Click on the dropdown menu to the right of the page with a silhouette. You can select to either Block or Report the user.
  • Help your friends help themselves. If you notice something odd occurring on a friend’s account – send them a message to bring it to their attention. Recommend that they report the activity ASAP.
  • Don’t fall for scams. It’s tempting to participate in audience-growing activity such as #followback hashtags and engage with users who promise to “Like” and “Comment” on your activity. While doing this on a user-by-user basis may be fine, avoid associating your username with any program or user account that promises too much of a good thing, such as thousands of “real followers.”
  • Change your password regularly. An oldie but a goodie, changing your passwords on a regular basis will keep cyber criminals guessing and help avoid an account takeover.
  • Protect all of your devices with comprehensive security. Install McAfee LiveSafe™ service to safeguard your smartphones, tablets, PCs, and Macs from malicious malware like Zeus. This dynamic service offers antivirus protection for all of your devices, secures all usernames and passwords to your favorite sites, helps you safely search the web, and locks down your sensitive data in a dynamic vault with voice and facial authentication.

Stay up-to-date on the latest social media and web security threats!


Introducing McAfee+

Identity theft protection and privacy for your digital life

FacebookLinkedInTwitterEmailCopy Link

Stay Updated

Follow us to stay updated on all things McAfee and on top of the latest consumer and mobile security threats.


More from Internet Security

Back to top