The number of likes on an Instagram photo are pictured on a mobile device screen in Pasadena, California August 14, 2013.
The number of likes on an Instagram photo are pictured on a mobile device screen in Pasadena, California August 14, 2013.

Instagram virus shows that online 'likes' are worth more than stolen credit cards

Malicious software used to create fake followers and likes on Instagram sell its wares for five times more than stolen credit card numbers

James Vincent
Monday 19 August 2013 17:33

A new virus targetting photo-sharing site Instagram has proved that when it comes to trading illegal goods online, followers and likes are five times more valuable than stolen credit cards.

The virus, known as Zeus, originally started life as a tool to steal credit card data but has been modified to create fake likes on Instagram, say Reuters.

It is apparently the first known instance of malicious software being used to create fakes likes on a social media site. The trade in articial online popularity is well established but has previously been the product the automated programs and fake accounts.

Once the virus has infected a computer, hackers can sell likes and followers on forums. Citing cyber experts from RSA, Reuters notes that whilst 1,000 Instagram followers are sold for $15 and 1,000 Instagram likes fetch $30, buying 1,000 stolen credit card numbers only costs $6.

The research, which was sourced from Buyaccs also showed a hirearchy of online accounts. Whilst 1,000 'used' Hotmail accounts (that had previously been used in another activity) go for as little as $2, Twitter accounts fetch $20 per 1,000. Google and Facebook accounts were the most expensive, priced at $100 for batches of 1,000.

Marketing analysts say that these prices reflect the increasing need for brands to hype their products and create a sense of ‘online buzz’. The fact that advertising teams have more money to spend on the illegal wares than the hackers themselves would also drive up the prices.

Zeus itself was first identified back in 2007 when it was used to steal data from the United States Department of Transportation. It infects computers via phishing attacks and unauthorised downloads before collecting banking details entered into online forms. Presumably the same tactics are used to steal the login information for social media accounts on infected computers.

Reuters also notes that whilst a small amount of faked online popularity can be beneficial (popularity begets popularity to a certain degree) too much can be obviously artificial and off-putting.

Join our new commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

View comments