Last night I came across the app InstLike in the iOS App Store. It had well over 3500 reviews (on the Swedish store) and sported a 4.5 star rating. I initially thought it must’ve bought its place on the top list.

Ratings galore!

But when I looked at the reviews, I found that the reviewers’ names were all too Swedish to be bought. I decided to try it out.

First of all, I found the reason for the high ratings pretty quick. If you rated it on the App Store, you earned 100 coins for free. Secondly, it has In App Purchases for more coins, and in addition you “earn” 20 coins each day, just for using the app.


Let me just sidetrack into the coins for a moment. One coin equals one like, and the lowest quantity of coins you can buy is 100 for $1. Meaning that one zombie-like equals one cent. That’s what you’re worth in this system. It does not offer any volume discount, as the highest amount of coins (5000) will cost you $50.

I’m pretty sure this system violates the third point in the Basic Terms section of the Instagram Terms of Service.

Your value in the botnet.

Anyhow, let’s return to how the app delivers likes to your pictures.Or at least, how I believe it’s being done.

As a user of the app you have to login with your Instagram account. Nothing unusual here, you have to do this with a lot of apps and websites that are made to interact with Instagram.

After you have logged on, you are given your free 20 coins and you’re ready to have a picture liked with the amount you choose, if you can afford it. You can also choose to get a random amount of likes on every new picture you have. After you’ve selected your photo, or video, and the amount of likes, they start pouring in.

Three minutes after I chose my picture and 20 likes to be added to it. (Names blurred, because I believe they’re real.)

So, how does this work? I’m pretty sure that the app has a database where, when you connect your Instagram account to the app, it stores your granted access in order to deliver likes that people pay for later.

I left my account connected through out the night, and woke up to a confirmation of my hypothesis. My account had liked several pictures during the night.

It’s effectively a voluntary botnet.


This poses an interesting question. Who is losing in this equation?
People are gaining likes, and maybe new followers, on their photos and videos, the developer is earning a handsome profit (I imagine the operating costs are pretty low) and as Instagram doesn’t have an income at the moment — they’re not losing out on any revenue.

I believe that most of the users don’t know that their accounts are being used covertly, but also that they don’t mind it, as random liking can induce a reciprocal liking — as per the description of the AutoLike function the app has. Through that it will, and quite openly so, use your account to randomly spread 500 of your likes across 100 minutes.

The answer then must be that we’re all losing.

Even though some Instagram users might not have anything against this system, and the privacy violation in allowing a robot to take over your Instagram account, it might throw off the whole “economy” of likes.

If we cannot sufficiently deduce if a picture is liked by real people or by an automated system, they become inflationary and loses all value.

It will be very interesting to see how this unfolds.


Disclaimer shown when you login with the app

Update

I missed the initial disclaimer pictured above. It doesn’t use the API to deliver this, basically circumventing the API.

I logged out of the app, but it continued to like pictures every now and then, without my consent. I changed my password, in hopes that it will block any future zombie liking.