Invasion Of The Facebook Snatchers
If you think that Facebook’s 600,000 compromised logins per day are not enough, you’d better read an interesting paper issued by a group of researchers from University of British Columbia, concerning the capability to use socialbots, that is software driven fake identities controlled by a bootmaster, to lure real Facebook users with the purpose of stealing sensitive data, and more in general, every kind of information with a potential monetary value.
Social Networks are gaining more and more importance for everyday life, both on a microscopic and on a macroscopic scale. On a microscopic scale they influence the life of a growing number of individuals who concentrate there their personal and professional interests; on a macroscopic scale Social Networks played (and are playing) a crucial role for the Arab Spring, both on a social and military perspective, not only they were the virtual weapons for protesters to witness the events in Tunisia, Egypt, Libya and Syria (but also for the loyalists with actions of propaganda and misinformation), but they were also used by NATO as real weapons in Libya to identify potentially targets to strike after “strong authentication” with conventional technologies (such as satellites).
Of course this constantly growing influence is attracting attentions from governments (which are evaluating technologies to monitor and eventually counteract the streams of information) but also from individuals who look at the weaknesses of social networks (and more in general at the scarce attention towards privacy by many users) as a mean for stealing money and information, a new form of richness of the Web 2.0 era.
The idea behind this research is not completely new, and takes into consideration two well known risk factors for Social Networks: reputation and privacy. The (fake) social reputation of a malicious individual can lure legitimate users to connect with untrusted contacts, after the connection, the poor attention for privacy settings together with a superficial behavior can bring to users to reveal, through the social channel, personal and classified information. This is the reason why resounding examples of fake profiles (with human beings behind) are not new for social networks, for scientific or amusement purposes: the names of Robin Sage and Primoris Era should sound familiar to many.
On the other hand not even the possibility to develop software-based fake social personas is a completely new, at least in theory and, most of all with military purposes, if it is true that the U.S. Department of Defense is developing software personas for propaganda actions inside the Social Network Battlefield.
What is completely new is the fact that no one so far had been able to show the results of a research done with software based socialbots since, so far, only human fake profiles were used to steal informations.
So what happens when bots, a concept proper of Information Security, meet social networks?
The results, at least for Facebook are frustrating: the above mentioned paper shows that, starting with a socialbotnet of 102 socialbots (49 male profiles and 53 female profiles) controlled by a single botmaster, the researchers were able to infiltrate Facebook, fully automating the operation of the Socialbotnet (including fake accounts creation).
The average success rate was 59.1%, with peaks close to 80%, which in several cases, depending on users’ privacy settings, resulted in privacy breaches (harvested data included email addresses, phone numbers, and other profile information with potential monetary value). Even worst, collected data included also private data of users who had not been infiltrated, but were only “guilty” to be somehow connected to infiltrated users, with an average collection day of 175 new chunks of publicly-unaccessible users’ data per socialbot per day.
The infiltration turned into 8,570 connection requests in a timeframe of 8 weeks with 250 Gb of data collected. Moreover the Social Network Defenses, such as the Facebook Immune System, resulted not effective enough in detecting or stopping the infiltration as it occurs: they were effective only when users were able to recognize the fake profiles and mark them as spam. Curiously this happened only in 20 cases (nearly the 20% of the total), all related to female profiles.
From the users’ side, (an easily predictable statement) the research confirms that most users are not careful enough when accepting connection requests sent by strangers, especially when they have mutual connections (the so called triadic closure principle, one of the foundations of the Social Networks).
Personal and Professional Social Networkers (and organizations that are approaching Social Networks) are advised!
- 721,294 hits since November 2010
08/13/2011 - My Post on Android Malware Mentioned on Engadget.
04/14/2011 - The Article Smart Grid: L'ultima Frontiera del Cybercrime published on ICT Security Magazine May 2011.
03/14/2011 - Security Summit 2011: Paolo Passeri guest at Round Table "Mobile Security: Rischi, Tecnologie, Mercato"
02/14/2011 - The Article Gears of Cyberwar published on ICT Security Magazine January 2011.
About This Blog
In this blog I express my personal opinion, which does not necessarily reflects the opinion of my organization, about events and news or interest, concerning information security, winking to mobile world and, why not, to some curious personal event.
Every information is reported with its source.
Anyone intending to use information contained in my post is free to do so, provided that mention my blog in your article.
Top Posts & Pages
- List Of Hacked Celebrities Who Had (Nude) Photos Leaked
- 2012 Cyber Attacks Statistics
- 2013 Cyber Attacks Timeline Master Index
- 2013 Cyber Attacks Statistics (Summary)
- 1-15 February 2014 Cyber Attacks Timeline
- 2013 Cyber Attacks Statistics
- August 2013 Cyber Attacks Statistics
- 2012 Cyber Attacks Timeline Master Index
- A (Graphical) World of Botnets and Cyber Attacks
- Next Generation Firewalls and Web Applications Firewall Q&A
- Web Security For Advanced Malware And Persistent Threats info.lastline.com/blog/web-secur… - 5 days ago
- @lazy_daemon @malm0u53 @unibirmingham @lastlineinc You can find it in the project main page together with the report: c2report.org - 6 days ago
- An Interesting #infographic from the same project promoted by @unibirmingham in collaboration with @lastlineinc http://t.co/OlrisuUkNZ - 6 days ago
- Command & Control, Understanding, Denying and Detecting: c2report.org/report.pdf - 6 days ago
- RT @lastlineinc: The New Age Of The Security Startup - @TechCrunch article featuring Lastline: hub.am/1dnTBGu http://t.co/9oOZUVgMH9 - 1 week ago
- 1-15 February 2014 Cyber Attacks Timeline wp.me/p14J6X-2xl - 1 week ago
- RT @lastlineinc: @RSAConference is far from over. Come meet our team at booth 2537 to talk everything security! http://t.co/mQNB8cbQtw - 1 week ago
- @lastlineinc named Best Security Startup at the Annual Info Security 2014 Global Excellence Industry Awards info.lastline.com/blog/lastline-… - 2 weeks ago
- RT @lastlineinc: Kicking off @RSAConference with 5 wins, including Best New Security Start-Up @infosecuritypg Excellence Awards: http://t.c… - 2 weeks ago
- @lastlineinc announces Interoperability with @hpsecurity TippingPoint lastline.com/company/press-… - 2 weeks ago