x
advertisement
Filtered By: Hashtag
Hashtag

Botnet infiltrates, harvests data from Facebook


Now it can be told: For eight weeks, a "social-bot" network (Sbn) managed to infiltrate social networking site Facebook and harvest data from its users.
 
The researchers from the University of British Columbia noted Facebook's present defenses could not detect or stop a large-scale infiltration.
 
"We operated such an SbN on Facebook — a 750 million user OSN — for about eight weeks. We collected data related to users' behavior in response to a large-scale infiltration where socialbots were used to connect to a large number of Facebook users," researchers Yazan Boshmaf, Ildar Muslukhov, Konstantin Beznosov, and Matei Ripeanu said in their research abstract.
 
Among the findings of the researchers are:
 
  • OSNs such as Facebook can be infiltrated with a success rate of up to 80 percent
  • Depending on users' privacy settings, a successful infiltration can result in privacy breaches where even more users' data are exposed when compared to a purely public access
  • In practice, OSN security defenses, such as the Facebook Immune System, are not effective enough in detecting or stopping a large-scale infiltration as it occurs.
 
According to the researchers, social networks in the wrong hands can be used to run "astroturf campaigns" to spread misinformation and propaganda.
 
In their research, they used socialbots, computer programs that control online social network (OSN) accounts and mimic real users
 
Out of these socialbots, they fashioned a Socialbot Network (SbN), or a group of adaptive socialbots orchestrated in a command-and-control fashion. 
 
Computer security firm Sophos said the socialbots attempt to pass themselves off as being a real, living human being rather than computer code.
 
"Although Facebook puts steps in place to try to avoid the automated creation of accounts, the researchers relate how it would be possible to use online services to break CAPTCHAs, and populated their bogus accounts' profile images with attractive photos from HotOrNot," it said.
 
It added fake Facebook status updates were also easy to generate, using an API provided by iheartquotes.com for random sayings.
 
Socialbots can thus infiltrate friend networks by connecting to users, and could even be used to spread misinformation and propaganda to influence others.
 
Worse, a socialbot can be used to harvest personal information such as email addresses and phone numbers.
 
Socialbot network
 
Sophos said the researchers built an Socialbot Network with 102 Socialbots and a single botmaster, and ran the operation for eight weeks.
 
During that time the SbN made 8,570 friend requests and recorded all of the profile information accessed from "friends."
 
The private data of other users who had not been infiltrated was also exposed.
 
"In all, the researchers' socialbots made Facebook friends with 3,055 people and grew its extended network to a total of 1,085,785 profiles," Sophos said.
 
One of the researchers' findings was that the more friends someone has on Facebook, the more likely they are to accept a friend request from a socialbot.
 
"Once the socialbots had befriended one person, they would then attempt to become Facebook friends with their friend's friends, and so on.. As they became more embedded within friend networks, the acceptance rate of friend request reached 60 percent," it said.
 
With their automated network the researchers were able to gather 35 percent of all the personally identifiable information found on their direct networks, and 24 percent from extended networks.
 
These bots also managed to gather 46,500 email addresses and 14,500 home addresses, it added.
 
"Clearly there's a lesson for Facebook users to learn there about the need to carefully vet who you allow to become your Facebook friend, and what information you choose to share online," Sophos said.
 
Facebook security systems
 
The researchers also felt that Facebook's inbuilt security systems, the Facebook Immune System (FIS), should be improved.
 
They found that FIS only blocked 20 percent of the accounts used by the socialbots, and this was only because of feedback from suspicious users who flagged the account as spam.
 
In the researchers' opinion, Facebook's security team is not taking the threat of automated accounts seriously enough.
 
"Hence, we conjecture that the FIS does not consider fake accounts as a real threat. Fake accounts, however, are one of the main [online social network] vulnerabilities that allow a botherder to run a large-scale infitration campaign. Detecting and blocking such accounts - as early as possible - is the main challenge that [online social network] security defenses like the FIS have to overcome in order to win the battle against an SbN," they said.
 
After the eighth week, the researchers voluntarily dismantled their SbN because of the amount of internet traffic it was generating.
 
"In total, the SbN generated approximately 250GB inbound and 3GB outbound traffic," they said. — TJD, GMA News
Tags: socialmedia, facebook, botnet, phishing, scam
Most Popular