Saturday, October 16, 2021

Elasticsearch Server Leaks Massive Instagram Click Farm

Must Read

Chrome will soon use HTTPS automatically when users type URL without prefix

Google's developers are some of the most enthusiastic promoters of browser security features over the past few years and,...

The Domestic Kitten hacking group has a threat to the Iranian regime

Investigators have revealed the internal functioning of the Domestic Kitten team's surveillance operations.The Domestic Kitten also followed as the...

Microsoft links Vietnamese Country hackers to a crypto-mining malware campaign

Vietnamese government-backed hackers have been recently seen deploying cryptocurrency-mining malware along with their routine cyber-espionage toolkits, Microsoft said on...

Security researchers have discovered a gigantic Instagram click farm in central Asia, managing thousands of bogus profiles.

A group in vpnMentor discovered the operation as a result of some unsecured Elasticsearch database that it had been using, attached to the public-facing net.

“The click farm seems to be conducted by a complex operation that has assembled a highly automated procedure to make thousands of bogus proxy accounts on Instagram. Each account had its avatar, biodegradable and character,’ seeming to combine Instagram from all around the world,” explained vpnMentor.

“Every bogus account would subsequently publish articles, see others’ articles, follow, respond, and participate with profiles. The click farm has been using proxy servers and IP addresses to conceal its action.”

The investigators tied back the operation into central Asia as most of those IP addresses and cell phone numbers used to authenticate and operate the bogus balances were from Armenia and Kazakhstan.

“Click farms are usually paid by people or companies to inflate their followers and participation.

The folks hiring click farms subsequently use this to leverage sponsorship places and other sorts of earnings from the program. In doing this, they are defrauding any organization or third party that pays them according to engagement and followers,” clarified vpnMentor.

“Click farms can also be utilized to distribute bogus misinformation and news.

After informing Facebook in regards to the server on September 21, it was closed down the next day.

a2434345d63481a40f0d145881b41013?s=96&d=mm&r=g
Priyanshu Vijayvargiya
Founder and Editor-in-Chief of 'Virtualattacks Inc' Priyanshu Vijayvargiya is a cybersecurity analyst, Information Security professional, developer, and a white hat hacker.

Leave a reply

Please enter your comment!
Please enter your name here

Latest News

Unified endpoint management automation software to boost endpoint security

Endpoints are constantly connected to the internet, so they offer a gateway for cyberattacks. Endpoint security is simply the process...

Attackers Using Morse Code in phishing campaign to Evade Detection

Microsoft on Thursday revealed the techniques used by attackers to avoid detection using morse code in the phishing campaign.Microsoft also revealed the workings of...

Murata Manufacturing suffers data breach of employees and customer

Japanese electronic components manufacturer Murata has released an apology Notice for the data breach of thousands of files in June that contained bank account...

Everything about Signalling System 7(SS7)

Signaling System 7 (SS7) is an international telecommunication protocol standard that controls and regulates the network elements in a public switched telephone network (PSTN)....

Zimbra flaw lets attackers access the mail servers

Researchers discovered a flaw in the open-source Zimbra code. As a result, an attacker would gain unrestricted access to all sent and received emails...

More Articles Like This