1,100 Phones, Zero Humans: Inside the Hack That Exposed TikTok's Shadow Ad Machine

Recent discoveries of phone farms reveal a massive operation where AI-generated influencers are saturating TikTok with hidden advertisements. These automated accounts mimic real creators so effectively that many viewers fail to realise they are watching a programmed marketing campaign.

As technology advances, the line between genuine content and silent digital promotion continues to vanish.

Security Breach Exposes Secretive Marketing Network

A hack has hit Doublespeed (a16z), an Andreessen Horowitz-backed startup that employs a phone farm to run hundreds of AI-generated social media profiles for product promotion. Data from the hack shows which products these AI-powered accounts advertise, often without the required 'ad' disclosures.

The incident also allowed the hacker to take over more than 1,000 mobile handsets used by the company to power its network. Fearing repercussions from the startup, the hacker asked to stay anonymous and noted that he first informed Doublespeed of the security gap on 31 October.

Vulnerability Reported but Backend Access Persists

The hacker claimed that he currently maintains entry to the firm's internal systems, including the physical phone farm. Doublespeed has yet to provide a statement regarding the situation.

'I could see the phones in use, which manager (the PCs controlling the phones) they had, which TikTok accounts they were assigned, proxies in use (and their passwords), and pending tasks. As well as the link to control devices for each manager,' the attacker explained to Emanuel Maiberg at 404Media.

He noted that he also had the links needed to operate the devices under each manager. 'I could have used their phones for compute resources, or maybe spam. Even if they're just phones, there are around 1100 of them, with proxy access, for free. I think I could have used the linked accounts by puppeting the phones or adding tasks, but haven't tried.'

Significant Investment Fuels Automated Marketing Growth

Maiberg reported in October that Doublespeed obtained $1 million (£0.75 million) from a16z through the 'Speedrun' program, a rapid 12-week accelerator helping startups navigate key growth periods. By utilising generative AI, the firm populates social media with a high volume of accounts and content to endorse products on behalf of its client base.

Networks like TikTok try to spot and ban such coordinated campaigns for violating policies against deceptive behaviour. This is the reason Doublespeed relies on a bank of physical phones to mirror how genuine users behave. It is a common tactic where 'click farms' utilise hundreds of smartphones to fabricate engagement or reviews while attempting to stay under the radar of moderators.

Visual Evidence Confirms Compromise of Device Racks

The hacker told Maiberg that about 1,100 of Doublespeed's smartphones were within his reach. He provided proof by seizing control of one phone's camera, capturing an image that appeared to show it stored on a rack with other devices.

The hacker provided a list of over 400 TikTok accounts managed by Doublespeed. A review by 404 Media found that roughly 200 of these profiles were actively marketing goods, typically without the necessary disclosures. It remains uncertain whether the remaining accounts had previously promoted items or were currently being 'warmed up'—a term the company uses to make profiles look genuine and prevent them from being banned.

'I've seen TikTok accounts operated by Doublespeed promote language learning apps, dating apps, a Bible app, supplements, and a massager,' Maiberg said.

AI Persona Used to Market Products via Social Media

A health-focused TikTok profile operated by Doublespeed, under the name Chloe Davis, uploaded nearly 200 slideshows featuring an AI-generated middle-aged woman. Throughout these posts, the character typically discusses various bodily pains and her methods for managing them. The final picture in each sequence consistently shows a person using a massage roller from the firm Vibit. There has been no response from Vibit following a request for comment.

Another profile managed by Doublespeed, named pattyluvslife, shared numerous slide shows featuring a young woman claiming to be a UCLA student. The content regularly criticises the supplement industry and large pharmaceutical companies as being fraudulent. However, the posts simultaneously endorse a moringa product from a brand called Rosabella.

The AI-generated woman is often shown with the bottle, though the distorted, illegible labels make the fabrication obvious. Rosabella, which claims the product is currently trending on TikTok, did not respond when contacted.

Platform Policies Challenged by Rapid Expansion of AI Media

While much of the content from Doublespeed's TikTok handles consists of AI-generated stills, the firm can also produce full videos. One such account shared footage of a young woman posing for the camera to market Playkit, an agency that typically hires people to promote brands. Ironically, this is the very type of business that Doublespeed's AI could eventually make redundant. Playkit has not responded to inquiries.

According to TikTok, creators must disclose AI-generated content that appears lifelike. In response to being notified about the Doublespeed network, TikTok added labels to the relevant accounts. While a16z did not reply to requests for comment, the startup is eyeing growth on other social networks. Reddit previously noted that this activity would violate its terms, and while Meta has not responded, the business model seems to contradict Meta's rules on authentic representation directly.

Potential Conflict of Interest as AI Network Targets Meta Platforms

Although it currently appears to function only on TikTok, Doublespeed has expressed intentions to roll out to X, Reddit, and Instagram in the near future. Back in October, a spokesperson for Reddit confirmed that using such a service would violate their terms.

Meta has remained silent on the issue, a point made more significant by Marc Andreessen's role on its board of directors. The business clearly flouts Meta's existing policies that require users to present themselves authentically.