Categories: Social Networks

The Socialbot Network

Online Social Networks(OSN) are an integral part of today’s Web. Hacktivist,Politicians, celebrities, revolutionists, and others use OSNs as carrier for their message to a wide audience.

The downside is that these powerful tools can be used to spread disinformation and propaganda. The next generation of social engineering attacks is even more deceptive; they employ an automation software called a socialbot that controls a profil in an OSN, and has the ability to execute basic online social activities.

In the attached paper, is demostrated how vulnerable OSNs are to a large-scale infltration by socialbots: computer programs that control OSN accounts and mimic real users. Adopting a traditional web-based

botnet design and built a Socialbot Network (SbN): a group of adaptive socialbots that are orchestrated in a command-and-control fashion. In the abstract are proposed tge results obtained using the following OSN Vulnerabilities:

Ineffective CAPTCHAs
Fake User Accounts and Proﬁles
Crawlable Social Graphs
Exploitable Platforms and API

The results show that OSNs, such as Facebook, can be infiltrated with a success rate of up to 80% depending on users’ privacy settings, a successful infiltration can result in privacy breaches where even more users’ data are exposed when compared to a purely public access, and in practice, OSN security defenses, such as the Facebook Immune System, are not effective enough in detecting or stopping a large scale infiltration as it occurs. I believe that large-scale infiltration in OSNs is only one of many future cyber threats, and defending against such threats is the first step towards maintaining a safer social Web for millions of active web users.

References:

The Socialbot Network: When Bots Socialize for Fame and Money

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.