December 2, 2023

Low-skill cybercriminals are utilizing a brand new software to create lots of of pretend social media accounts in only a few seconds, researchers have found.

Referred to as Kopeechka (“penny” in Russian), the service helps to bypass two principal “hurdles” for somebody attempting to create a pretend account — electronic mail and telephone verification.

Cybercriminals may use Kopeechka to hold out misinformation, spamming, and malware promotion campaigns, based on researchers on the cybersecurity agency Pattern Micro who analyzed the software.

For instance, the service was used to mass-register accounts on the social media platform Mastodon for conducting large-scale spam campaigns that promoted fraudulent cryptocurrency funding platforms.

The corporate didn’t instantly reply to a request for remark.

Social media giants like Instagram, Fb, and X (previously Twitter) have lengthy labored to reduce the mass registration of pretend accounts, also called bots, as they’re usually utilized by hackers of their unlawful actions.

Primary anti-bot measures, like electronic mail handle and telephone quantity validation, using non-suspicious IP addresses, and CAPTCHA – a puzzle on an internet site designed to substantiate that it is being utilized by an actual individual quite than a pc program, are deterrents.

Cybercriminals can bypass CAPTCHAs and IP handle popularity checks utilizing automated scripts, however acquiring distinctive electronic mail addresses and telephone numbers may be more difficult. That’s after they flip to providers like Kopeechka.

The way it works

The service has been energetic because the starting of 2019 and presents its prospects each an online interface and an API.

Along with main social media platforms like Fb and X, cybercriminals have used Kopeechka’s API to register accounts on Discord, Telegram and Roblox.

Researchers have additionally found a Python script by way of Kopeechka that might be used to create accounts on Virus Complete, a web based service that scans laptop recordsdata for viruses, implying that some customers could be registering these accounts for testing malware detection.

Kopeechka offers customers with entry to emails acquired from social media platforms. It doesn’t hand over the mailbox account itself, as it’s managed by Kopeechka, not by a third-party person.

Kopeechka has varied electronic mail accounts in inventory, together with with Hotmail, Outlook, Gmail, and The service permits using a single electronic mail handle for a number of registrations on totally different social media platforms.

Researchers suspect that these electronic mail addresses are both compromised or created by Kopeechka actors themselves.

To confirm customers’ telephone numbers through the account registration, Kopeechka presents entry to 16 totally different on-line SMS providers, principally originating from Russia.

“All these processes may be totally automated, which may enable cybercriminals to create probably lots of of accounts or extra in only a few seconds, so long as they have the funds for of their Kopeechka account,” the researchers stated.

In response to researchers, the software is just not essentially unlawful, but it surely facilitates cybercrime operations amongst lower-skilled criminals.

“We imagine that the long-established popularity of Kopeechka performs a job in its reputation with cybercriminals: Malicious actors seem to imagine {that a} services or products is extra dependable due to it,” Pattern Micro stated.

Get extra insights with the

Recorded Future

Intelligence Cloud.

Study extra.

No earlier article

No new articles

Daryna Antoniuk

Daryna Antoniuk
is a contract reporter for Recorded Future Information based mostly in Ukraine. She writes about cybersecurity startups, cyberattacks in Jap Europe and the state of the cyberwar between Ukraine and Russia. She beforehand was a tech reporter for Forbes Ukraine. Her work has additionally been printed at Sifted, The Kyiv Impartial and The Kyiv Submit.