If you think that Facebook’s 600,000 compromised logins per day are not enough, you’d better read an interesting paper issued by a group of researchers from University of British Columbia, concerning the capability to use socialbots, that is software driven fake identities controlled by a bootmaster, to lure real Facebook users with the purpose of stealing sensitive data, and more in general, every kind of information with a potential monetary value.
Social Networks are gaining more and more importance for everyday life, both on a microscopic and on a macroscopic scale. On a microscopic scale they influence the life of a growing number of individuals who concentrate there their personal and professional interests; on a macroscopic scale Social Networks played (and are playing) a crucial role for the Arab Spring, both on a social and military perspective, not only they were the virtual weapons for protesters to witness the events in Tunisia, Egypt, Libya and Syria (but also for the loyalists with actions of propaganda and misinformation), but they were also used by NATO as real weapons in Libya to identify potentially targets to strike after “strong authentication” with conventional technologies (such as satellites).
Of course this constantly growing influence is attracting attentions from governments (which are evaluating technologies to monitor and eventually counteract the streams of information) but also from individuals who look at the weaknesses of social networks (and more in general at the scarce attention towards privacy by many users) as a mean for stealing money and information, a new form of richness of the Web 2.0 era.
The idea behind this research is not completely new, and takes into consideration two well known risk factors for Social Networks: reputation and privacy. The (fake) social reputation of a malicious individual can lure legitimate users to connect with untrusted contacts, after the connection, the poor attention for privacy settings together with a superficial behavior can bring to users to reveal, through the social channel, personal and classified information. This is the reason why resounding examples of fake profiles (with human beings behind) are not new for social networks, for scientific or amusement purposes: the names of Robin Sage and Primoris Era should sound familiar to many.
On the other hand not even the possibility to develop software-based fake social personas is a completely new, at least in theory and, most of all with military purposes, if it is true that the U.S. Department of Defense is developing software personas for propaganda actions inside the Social Network Battlefield.
What is completely new is the fact that no one so far had been able to show the results of a research done with software based socialbots since, so far, only human fake profiles were used to steal informations.
So what happens when bots, a concept proper of Information Security, meet social networks?
The results, at least for Facebook are frustrating: the above mentioned paper shows that, starting with a socialbotnet of 102 socialbots (49 male profiles and 53 female profiles) controlled by a single botmaster, the researchers were able to infiltrate Facebook, fully automating the operation of the Socialbotnet (including fake accounts creation).
The average success rate was 59.1%, with peaks close to 80%, which in several cases, depending on users’ privacy settings, resulted in privacy breaches (harvested data included email addresses, phone numbers, and other profile information with potential monetary value). Even worst, collected data included also private data of users who had not been infiltrated, but were only “guilty” to be somehow connected to infiltrated users, with an average collection day of 175 new chunks of publicly-unaccessible users’ data per socialbot per day.
The infiltration turned into 8,570 connection requests in a timeframe of 8 weeks with 250 Gb of data collected. Moreover the Social Network Defenses, such as the Facebook Immune System, resulted not effective enough in detecting or stopping the infiltration as it occurs: they were effective only when users were able to recognize the fake profiles and mark them as spam. Curiously this happened only in 20 cases (nearly the 20% of the total), all related to female profiles.
From the users’ side, (an easily predictable statement) the research confirms that most users are not careful enough when accepting connection requests sent by strangers, especially when they have mutual connections (the so called triadic closure principle, one of the foundations of the Social Networks).
Personal and Professional Social Networkers (and organizations that are approaching Social Networks) are advised!
- 853,669 hits since November 2010
08/13/2011 - My Post on Android Malware Mentioned on Engadget.
04/14/2011 - The Article Smart Grid: L'ultima Frontiera del Cybercrime published on ICT Security Magazine May 2011.
03/14/2011 - Security Summit 2011: Paolo Passeri guest at Round Table "Mobile Security: Rischi, Tecnologie, Mercato"
02/14/2011 - The Article Gears of Cyberwar published on ICT Security Magazine January 2011.
About This Blog
In this blog I express my personal opinion, which does not necessarily reflects the opinion of my organization, about events and news or interest, concerning information security, winking to mobile world and, why not, to some curious personal event.
Every information is reported with its source.
Anyone intending to use information contained in my post is free to do so, provided that mention my blog in your article.
Top Posts & Pages
- 1-15 July 2014 Cyber Attacks Timeline
- List Of Hacked Celebrities Who Had (Nude) Photos Leaked
- 2014 Cyber Attacks Timeline Master Index
- 2012 Cyber Attacks Statistics
- 2013 Cyber Attacks Timeline Master Index
- A (Graphical) World of Botnets and Cyber Attacks
- 2013 Cyber Attacks Statistics (Summary)
- June 2014 Cyber Attacks Statistics
- 2013 Cyber Attacks Statistics
- 1-15 June 2014 Cyber Attacks Timeline
- @lastlineinc recognized by CRN as a 2014 Emerging Vendor | Business Wire businesswire.com/news/home/2014… - 22 hours ago
- 1-15 July 2014 Cyber Attacks Timeline #Infosec #Cyberattacks wp.me/p14J6X-2D9 - 1 day ago
- @ckreibich same test worked with an @A10Networks SSL inspector: malicious files downloaded through an https connection perfectly detected! - 5 days ago
- RT @lastlineinc: 'Cloud malware analysis a must-have for advanced threat protection' @TechTarget bit.ly/W70Opa http://t.co/ji5qWtt… - 6 days ago
- RT @cedricpernet: We are proud to be the first french guys to release a white paper about an #APT group :) ow.ly/z2fzL #cybercri… - 1 week ago
- Chinese businessman charged with hacking Boeing, Lockheed Martin ars.to/1yayEY9 - 1 week ago
- RT @lastlineinc: 1st quarter '15 earnings call from @barracuda mentions @lastlineinc to power APT protection hubs.ly/q0Hmf0 http://… - 1 week ago
- June 2014 Cyber Attacks Statistics wp.me/p14J6X-2CJ - 2 weeks ago
- I had to change the June Cyber Attacks Timeline after the revelation the alleged hack to the Hedge Fund was not real: hackmageddon.com/2014/07/02/16-… - 2 weeks ago
- @claushoumann Thank you, I really appreciate your support! It's time consuming but I believe it's worthwhile! - 2 weeks ago