Security researchers have discovered a gigantic Instagram click farm in central Asia, managing thousands of bogus profiles.
A group in vpnMentor discovered the operation as a result of some unsecured Elasticsearch database that it had been using, attached to the public-facing net.
“The click farm seems to be conducted by a complex operation that has assembled a highly automated procedure to make thousands of bogus proxy accounts on Instagram. Each account had its avatar, biodegradable and character,’ seeming to combine Instagram from all around the world,” explained vpnMentor.
“Every bogus account would subsequently publish articles, see others’ articles, follow, respond, and participate with profiles. The click farm has been using proxy servers and IP addresses to conceal its action.”
The investigators tied back the operation into central Asia as most of those IP addresses and cell phone numbers used to authenticate and operate the bogus balances were from Armenia and Kazakhstan.
“Click farms are usually paid by people or companies to inflate their followers and participation.
The folks hiring click farms subsequently use this to leverage sponsorship places and other sorts of earnings from the program. In doing this, they are defrauding any organization or third party that pays them according to engagement and followers,” clarified vpnMentor.
“Click farms can also be utilized to distribute bogus misinformation and news.
After informing Facebook in regards to the server on September 21, it was closed down the next day.