This article is more than 1 year old

Fake news ‘as a service’ booming among cybercrooks

Fake sites spread fake stories to fuel pump and dump or other foul ends

Criminals are exploiting “fake news” for commercial gain, according to new research.

Fake news is widely assumed to be political or ideological propaganda published to sway public opinion, but new research conducted by threat intel firm Digital Shadows and released on Thursday suggested fake news generation services are now aimed at causing financial and reputational damage for companies through disinformation campaigns.

The firm's research stated that these services are often associated with “Pump and Dump” scams, schemes that aggressively promote penny stocks to inflate their prices before the inevitable crash and burn. Scammers buy low, hope that their promotions let the sell high, then flee with their loot and little regard for other investors.

A cryptocurrency variant of the same schemes has evolved and involves gradually purchasing major shares in altcoin (cryptocurrencies other than Bitcoin) and drumming up interest in the coin through posts on social media. The tool then trades these coins between multiple accounts, driving the price up, before selling to unsuspecting traders on currency exchanges looking to buy while prices are still rising.

An analysis of the Bitcoin wallet of one such popular “Pump and Dump” service found that it had received the equivalent of $326,000 from aspiring criminals in less than two months, Digital Shadows' research stated.

Fake news techniques

Disinformation campaign taxonomy [source: Digital Shadows blog post]

Digital Shadows also identified more than ten services that allow users to download software that controls the activities of social media bots. One such service offers users a trial for just US$7.

Others tools claim to promote content across hundreds of thousands of platforms, including forums, blogs and bulletin boards. The tools supposedly work by controlling large numbers of bots to post on specific types of forums on different topics.

Mentions of these sites and services across criminal forums have increased increased fourfold in just two years from 418 in 2015 to 1381 in 2017 so far, Digital Shadows reported. The company opined that things are only likely to get worse:

The battle against fake news could be getting even more difficult with advertisements for toolkits increasingly claiming to include built in features that bypass captcha methods, which were initially brought in to prevent bots and automated scripts from posting advertisements indiscriminately across these platforms.

Unsurprisingly, media organisations are a frequent target for purveyors of fake news. Digital Shadows analysed the top 40 global news websites and checked over 85,000 possible variations on their domain. In doing so, it discovered some 2,858 live spoof domains.

Simply by altering characters on a domain (e.g. a “m” may have changed to an “rn”) and by using cloning services it is possible to create a convincing fake of a legitimate news site. Miscreants then link to and otherwise promote fake stories at these bogus sites for their own nefarious ends.

Retailers have also been targeted. One managed service offers “Amazon ranking, reviews, votes, listing optimisation and selling promotions’ with pricing ranging from $5 (for an unverified review) to $10 for a verified review and up to $500 for a monthly retainer.

Trojan horse photo via Shutterstock

New, revamped Terdot Trojan: It's so 2017, it even fake-posts to Twitter


“The sheer availability of tools means that barriers to entry are lower than ever. It means this now extends beyond geopolitical to financial interests that affect businesses and consumers”, said Rick Holland, VP Strategy, Digital Shadows. “Of course, rumours, misinformation and fake news have always been part of human society. But what has changed in the digital world is the speed such techniques spread around the world.”

Digital Shadows issued guidance for firms looking to combat disinformation. Useful protection steps include keeping an eye on trending activity on social media and forums as it relates to an organisation’s digital footprint to potentially identify disinformation activity. Organisations should also proactively monitor for the registration of malicious domains and have a defined process for dealing with infringements.

Lastly organisation should monitor social media for brand mentions and seek to detect the ‘bots’, using clues such as the age of the account, the content being posted, and the number of friends and followers,” Digital Shadows advised. ®

More about


Send us news

Other stories you might like