Fake News As A Service (FNaaS?) – $400k To Rig An Election


This is pretty interesting, the prices for Fake News as a Service have come out after some research by Trend Micro, imagine that you can create a fake celebrity with 300,000 followers for only $2,600.

Fake News As A Service (FNaaS?) - $400k To Rig An Election

Now we all know this Fake News thing has been going on for a while, and of course, if it’s happening, some capitalist genius is going to monetize it and offer it as a professional service.

Fake news has come to be associated with political intrigue but the same propaganda techniques are also abused by cybercriminals, according to a study by Trend Micro.

The techniques and methods used to spread fake news and manipulate public opinion have a wide range of objectives and even a price list.

Cybercriminals produce, market and monetise fake news in underground markets. The scope of a campaign and intended target affect pricing. For example, campaigns aimed to spark street protests are priced at $200,000 while discrediting a journalist would cost $55,000 and creating a fake celebrity (with 300,000 followers) costs a more modest $2,600.

A year-long campaign to influence election outcomes is available for just $400,000, the study says. Whether such listings are in themselves an attempt at disinformation is certainly debatable. US intel agencies, Western politicians and security firms are nigh-on unanimous that attempts to influence the US presidential election last year were the work of the Kremlin. For example, UK defence secretary Sir Michael Fallon recently said the Kremlin is “weaponising misinformation” as part of a sustained campaign that goes beyond alleged meddling in the presidential election.


You can read the full 77 page report by Trend here: The Fake News Machine [PDF]

It’s insightful to see the types of services that are available, and how they are categorised. Now I’ve known about social media manipulation for many years (fake likes, followers, YouTube views and so on) but to see this kind of Fake News at scale, as a service is something new to me.

Fake news services typically involve the creation of fake social media profiles and groups; developing the fake content itself; driving likes and retweets for dissemination; and building legitimate-looking news sites. All these steps are designed to set up and sustain false narratives.

For an additional fee, multiple news sites can be purchased which cross reference each other to add more authenticity to the fake news campaign, the report reveals.

Chinese, Russian, Middle Eastern and English underground marketplaces offer fake news services of one type or another. Regional differences exist.

For example, in China, fake advertorials can be purchased for as little as ¥100 (£11), while in Russia 35,000 rubles (£483) will buy your video two minutes on the YouTube homepage.

The report also details an example of the dissemination of fake news, including the cynical abuse of the recent Manchester bombing attack. Mexican journalists were falsely listed in galleries as bombing victims in what’s thought to be an attack by a drug cartel. These fake victim pics were subsequently promoted through social media.

Unfortunately there’s no technical solution to thwart this, it’s purely about education. If people don’t fact check, cross check and verify sources before disseminating them this whole Fake News situation is just going to get worse and worse.

I feel like it had a serious impact on both Brexit and the Trump election, and it’s likely to stay very relevant in any large scale World events as so many people now base their opinions on what they see online.

Source: The Register

Posted in: Legal Issues, Social Engineering


Latest Posts:


Aclpwn.Py - Exploit ACL Based Privilege Escalation Paths in Active Directory Aclpwn.Py – Exploit ACL Based Privilege Escalation Paths in Active Directory
Aclpwn.py is a tool that interacts with BloodHound< to identify and exploit ACL based privilege escalation paths.
Vulhub - Pre-Built Vulnerable Docker Environments For Learning To Hack Vulhub – Pre-Built Vulnerable Docker Environments For Learning To Hack
Vulhub is an open-source collection of pre-built vulnerable docker environments for learning to hack. No pre-existing knowledge of docker is required, just execute two simple commands.
LibInjection - Detect SQL Injection (SQLi) and Cross-Site Scripting (XSS) LibInjection – Detect SQL Injection (SQLi) and Cross-Site Scripting (XSS)
LibInjection is a C library to Detect SQL Injection (SQLi) and Cross-Site Scripting (XSS) through lexical analysis of real-world Attacks.
Grype - Vulnerability Scanner For Container Images & Filesystems Grype – Vulnerability Scanner For Container Images & Filesystems
Grype is a vulnerability scanner for container images and filesystems with an easy to install binary that supports the packages for most major *nix based OS.
APT-Hunter - Threat Hunting Tool via Windows Event Log APT-Hunter – Threat Hunting Tool via Windows Event Log
APT-Hunter is a threat hunting tool for windows event logs made from the perspective of the purple team mindset to provide detection for APT movements hidden in the sea of windows event logs.
GitLab Watchman - Audit Gitlab For Sensitive Data & Credentials GitLab Watchman – Audit Gitlab For Sensitive Data & Credentials
GitLab Watchman is an app that uses the GitLab API to audit GitLab for sensitive data and credentials exposed internally, this includes code, commits, wikis etc


Comments are closed.