Instagram – the New Advertising Platform for Botnets

Recent reports have revealed that cybercriminals are using the popular social media site, Instagram, as a marketplace to advertise the rental of Botnets. The advertisements do not make it clear how powerful the botnets are; however, some posts are claiming to provide cheap access to the Mirai botnet, which was behind one of the largest cyberattacks in history.

While this is not the first time hacking tools have been advertised on consumer sites, it does highlight once again the commercialization of cybercrime and how the criminals are making money by brazenly advertising their tools on the open web.

But how dangerous are these attack tools and does the fact that they are advertised so cheaply make them any less powerful?

The commercialization of cyberattacks

The commercialisation of cyberattacksToday, if somebody is looking to cause an organisation harm, there is a huge cyber-arsenal available on the web. DDoS attacks have become a cheap method of cyberattack, that just about anyone can launch. Even for those who are not particularly tech-savvy, DDoS-for-Hire services promise to take down a website for as little as $50 a day with very little effort. In addition, those who are slightly more technical can even hire a Botnet and launch their own DDoS attack against an organisation of their choice. Regardless on which end of the advertising chain they sit, they’d be committing a criminal act if they bought an attack to cause harm to a third party or if they were launching the attack itself.

In the past few years, we have seen the criminals behind DDoS-for-Hire services are actively looking for new ways to promote them to potential buyers. Last year, a mobile attack-for-hire service went up for sale on the Google Play store. Earlier this month, one of the top mobile social apps, Instagram, turned into an advertising platform for selling stolen Spotify and Fortnite accounts, as well as access to botnets designed to launch distributed-denial-of-service (DDoS) attacks. Some of the criminals are even advertising their tools and services in Instagram posts, others are advertising them using the network’s Stories feature.

This ultimately means that the cost of launching an attack has never been cheaper and those services have never been more easily accessible but, unfortunately for the victim, the costs are much more significant. Indeed, a recent study conducted by Corero confirmed that the erosion of customer trust and confidence is the single most damaging consequence of DDoS attacks for businesses today. Network and web services availability are crucial to ensuring customer satisfaction and maintaining customer trust and confidence in a brand. One can only imagine how many customers an online store, or service, could lose if a DDoS attack takes it offline for even short periods of time.

Best Pratices

Advertising DDoS-for-hire services on social media platforms, such as Instagram, is the latest trick in the cybercriminals’ handbook, aiming to make those services more widespread and easily accessible for anyone around the globe. This is not making them any less powerful but, at the same time, expands the DDoS-for-hire market.

To find out more, please contact us.

Sean Newman is VP Product Management, responsible for Corero’s product strategy. Sean brings over 25 years of experience in the security and networking industry, to guide Corero’s growing leadership in the real-time DDoS protection market. Prior to joining Corero, Sean’s previous roles include network security Global Product Manager for Cisco, who he joined as part of their acquisition of cyber-security vendor Sourcefire, where he was Security Evangelist and Field Product Manager for EMEA. Prior to that he was Senior Product Manager for endpoint and network security vendor Sophos, after having spent more than 12 years as an Engineer, Engineering Manager and then Senior Product Manager for network infrastructure manufacturer 3Com.