Sep 2012 - Social Networks & Fake Accounts: New Heaven for Spammers & Attackers


Details
WHO:: Daniel Peck (http://www.linkedin.com/pub/daniel-peck/2/b55/119), Research Scientist at Barracuda Labs (http://www.barracudalabs.com/)
ABSTRACT::
Social connections and interactions are the core value of current online social media platforms, and have greatly improved the communication efficiency of both individuals and businesses. However, these core features are also enabling spammers and hackers to easily attack innocent users on a large scale. Many social engineering tricks, such as click-jacking, phishing and fake apps, can be effectively delivered to millions of users in a short amount of time. One of the fastest growing threats on social networks is the fake social botnet. Fake social botnets contain fake users or pages, fake apps, and fake interactions (such as likes, followings or comments). These social elements fundamentally break the trust model that all online social platforms try to build. These fake profiles and apps give attackers a long-lived path to continuously present malicious links and malware to innocent users. Friending fake accounts can lead not only to rampant spamming attacks but also to account takeover using Facebook's trusted friend account recovery.
This session reviews a five-month study on Facebook that analyzed >2,000 Facebook profiles used by attackers. Based on the data, we were able to determine features and patterns that distinguish fake users from real users, and created a feature-based heuristic engine to identify fake profiles. This study also reviews the booming underground economy on Twitter, where buying and selling fake Twitter followers involves hundreds of dealers, tens of thousands of abusers and numerous fake accounts which can be easily used to spread malicious links and malware on a large scale. Finally, this interactive session will discuss the scale and nature of malicious social activities and explore ways to remediate them.
BIO::
Daniel Peck is a research scientist for Barracuda Labs at Barracuda Networks. His current interest is in applying social media analysis to existing security solutions. Other notable research includes being the co-creator of Caffeine Monkey, a tool for performing behavioral profiling of JavaScript, and demonstrating widespread validation vulnerabilities in control system field devices. Prior to joining Barracuda Networks, Peck was the Offensive Security Researcher at Digital Bond, and a security researcher for SecureWorks.
