Rise of the Autobots: Into the Underground of Social Network Bots

    Speaker notes



    First...a warning!

    Everyone knows what social networks are, right? Heck... I was recently told by my mother that she has a Facebook account! Noooo...


    I have to keep changing this slide because it keeps getting bigger!

    Ummm, yeah... it still exists. The scourge of the Internet still has...


    Poor LinkedIn...still...


    However, Twitter...the fastest growing social network today...



    This shouldn't shock you, but social networks are more popular than email! It's only getting bigger...

    With socnets so popular, it's no surprise it's where the attackers are going...

    First, let's talk about the culture of trust that makes socnets work.

    Socnets want you to share as much as possible and trust everyone... they are mining your data... they are not making money yet... but they have ways to sell bits and pieces of your info.

    Why would bots exploit trust? Is this possible?


    How about Jennifer? Cute..single...

    and Tommy...college guy...seems friendly...

    Poor Sarah. [READ IT]. Too bad she confirmed the bot as a friend at 8am and at noon, sent this message. Must be because she has 700 friends...

    How about 0EPb4a...She likes meeting people and selling “lapto’s”

    Now Haley... crappy profile... must be a bot, right?

    Not a bot! But with 4,974 friends... lots of FAIL

    Ok, no way Rick Astley is a bot...

    It's amazing the response you get when you are a celebrity... people love you.

    This could have been the biggest Rick Roll ever... except that I decided to stop once I hit 666 followers. Bad omen. Not good.

    The point is that trust is easy to exploit... people want to trust... all these accounts were created or used with bots we will talk about. Rick is EVIL.

    Let's talk about the rise of the bots on social networks...

    It’s simple really...they automate mundane tasks, right?

    Links to spam, malware, porn, etc... we are all familiar.

    But this is why spammers and others use bots... it's automation on a mass scale! Easy, multi-purpose, EFFECTIVE!

    Let's dive into the bot underground to see how they function.


    First, you have to understand the business model. Three main methods I have found in the bot underground.

    Everything I have found is disguised as “Blackhat SEO”...

    Rise of the Autobots: Into the Underground of Social Network Bots - Presentation Transcript

    1. Rise of the Autobots Into the Underground of Social Network Bots
    2. Hi! I’m not a bot • Tom Eston • Social Media Security Researcher • Pentester • Bot lover • Blog: spylogic.net • Podcast: securityjustice.com • Tweet me: agent0x0
    3. WARNING! What you are about to see violates the Terms of Service (TOS) and acceptable use policies of social networks! Accounts used in these tests have been deleted or “removed” (not by me...) Don't try this at home! KTHKSBAI
    4. Social Networks
    5. 200 Million Users
    6. 110 Million Users
    7. 35 Million Users
    8. Grew 752% in 2008
    9. 8 Million Visitors in March 2009
    10. "Social Networks & Blogs are now the 4th most popular online activity, ahead of personal email." -Nielsen Online Report, March 2009
    11. It’s a target rich environment...
    12. The Culture of Trust
    13. Why is trust important? • It’s how social networks work! • Trust EVERYONE! • Share as much as possible...the social networks don’t mind! • Social networks are mining your data!
    14. Trust exploited by Bots??
    15. Bot or Not?
    16. BOT!! Bot or Not?
    17. Bot or Not?
    18. BOT!! Bot or Not?
    19. FAIL!
    20. Bot or Not?
    21. BOT!! Bot or Not?
    22. Bot or Not?
    23. Not a Bot!
    24. Not a Bot! But still... LOTS OF FAIL!
    25. Bot or Not?
    26. BOT!! Bot or Not?
    27. Biggest Rick Roll ever?
    28. Biggest Rick Roll ever?
    29. Biggest Rick Roll ever?
    30. Biggest Rick Roll ever?
    31. What’s the point? • Trust is easy to exploit! • People will trust bots... • Accounts were created and used with tools we will talk about • Rick Astley is EVIL!
    32. The Rise of the Bots
    33. What are bots? “...perform tasks that are both simple and structurally repetitive at a much higher rate than a human alone.” “Applications that run automated tasks”
    34. Ever see this?
    35. Why use Bots? • Automation...on a mass scale • Easy to use • Multiple purpose • Malware, Blackhat SEO, phishing...pr0n! • Highly Effective
    36. The Bot Underground
    37. “It’s the Spammer’s Choice!”
    38. The Underground Business Model • Create and Sell accounts • Buy and Use accounts • Custom bot scripts and software (Freelancing)
    39. It’s all about Blackhat SEO... • Not just for search engine rankings! • Evil Search Engine Optimization techniques... • PPC (Pay Per Click) • PPI (Pay Per Install) • Cookie Stuffing How money is made on the “net”
    40. Want to know more?
    41. What’s for Sale? • Hacked accounts • Hacked accounts w/friends (more friends, more $$) • Webmail accounts (verified) • Bot software/scripts • Services!
    42. Example...
    43. Let’s talk $$ • Facebook w/30+ Friends = $8 • Facebook Phone Verified = $5/$6 • 1,000 Gmail Accounts = $13 • 500 YouTube Accounts = $30
    44. But there are controls in place, right?
    45. What about CAPTCHA?
    46. CAPTCHA=FAIL • Algorithms can be cracked • OCR technology • They have hawt chix • and if that doesn’t work...
    47. OUTSOURCE IT!
    48. OR...use Melissa! She wants you..srsly
    49. What about Friend Request/ Messaging Controls...
    50. Phone SMS Verification? • Great idea! But...can be broken..
    51. It kind of works, but... • Prepaid cell phones • Overseas virtual SMS Services (SMS Receive) • SMS back to ICQ and Yahoo Messenger (works with some socnets)
    52. How about rate Limits? • Easy to bypass...just test it, modify your code and/or slow down!
    53. Types of Bots on Social Networks
    54. Good Bots
    55. Twitter Bots
    56. n0taB0t • Tweets mindless rants.... • Likes to reply to you • Likes Notacon • Mostly harmless
    57. Annoying Bots
    58. Auto Follow/ Reply • Bots looking for “keywords” in your tweets...
    59. Evil Bots
    60. U-Bot
    61. U-Bot in Action
    62. Webdominator
    63. Webdominator in Action
    64. Need help?
    65. Other Pay Services
    66. Realboy • Project to make Twitter bots as human as possible! • Real interactions with your Twitter network • Source code available...
    67. Social Network Botnets? • Malware distribution for C&C • Koobface! • DDos botnet via third-party applications • Facebot! • Control a botnet via Twitter?
    68. Twitter for Botnet C&C • Bot looks for commands on legitimate Twitter accounts • Takes action based on the command • Commands are obfuscated • Proof of Concept code released today at Notacon! • “TwitterBot” created by Robin Wood aka: @digininja
    69. Twitterbot C&C In Action
    70. TwitterBot Enhancements • add a hash (or part of) to the command to stop fake requests • encrypt the whole command (obfuscation) • get the bot to talk back Get it now at: http://www.digininja.org/twitterbot/
    71. Is the end near? How to stop the bots!
    72. Bot detection • Look carefully! • Lots of clues... spammers are doing it wrong! • Programs/APIs to detect (Twitter specific)
    73. Some possible solutions... • Account creation/message throttling • Why can you still create multiple accounts from the same IP?? WTF? • No more opt-in developer models! • Education of users? We can try...the socnets won’t!
    74. But wait...there’s more! • socialnetworkbots.com • open source project • Twitter and other bots (n0tab0t).... • get the code...don’t use your real account! • Twitterbot Command & Control POC Code: www.digininja.org/twitterbot
    75. Questions?
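    Slides 68 to 70 describe the Twitter command-and-control idea and its proposed enhancements: the bot polls a legitimate-looking account, the commands are obfuscated, a hash (or part of one) is attached to stop fake requests, and the bot talks back. The following Python is an added illustration of that channel written for this page; it is not Robin Wood's TwitterBot code from digininja.org and does not contact Twitter. Everything in it is assumed: the shared key, the `cmd:<base64>.<tag>` token format, the whitelist of verbs, and the constructed timeline. It goes one step beyond the slide by carrying a sequence number inside the obfuscated body so that a replayed command is also refused; note that base64 only hides the command from a casual reader, and it is the keyed, truncated HMAC that actually stops forged requests.

```python
import base64
import hashlib
import hmac
import re

# Constructed demo values: in a real deployment the key would be baked into the
# bot and known only to the operator (assumption; the slide gives no scheme).
SHARED_KEY = b"demo-shared-key-not-secret"
TAG_HEX = 12                                   # "part of" the hash: 48 bits, fits a tweet
ALLOWED_VERBS = {"report", "sleep", "update"}  # the bot's own whitelist (assumption)

TOKEN_RE = re.compile(r"cmd:([A-Za-z0-9_-]+)\.([0-9a-f]{%d})\b" % TAG_HEX)


def _tag(body: str, key: bytes) -> str:
    """Truncated HMAC-SHA256 over the obfuscated body."""
    return hmac.new(key, body.encode(), hashlib.sha256).hexdigest()[:TAG_HEX]


def encode_command(seq: int, command: str, key: bytes = SHARED_KEY) -> str:
    """Operator side: obfuscate '<seq>:<command>' and append the tag.

    Base64 is obfuscation, not encryption: anyone reading the timeline can
    decode it, but without the key they cannot produce a tag the bot accepts.
    """
    body = base64.urlsafe_b64encode(f"{seq}:{command}".encode()).decode().rstrip("=")
    return f"cmd:{body}.{_tag(body, key)}"


def decode_command(tweet: str, last_seq: int, key: bytes = SHARED_KEY):
    """Bot side: return (seq, command, None) on success or (None, None, reason)."""
    m = TOKEN_RE.search(tweet)
    if not m:
        return None, None, "no command token"
    body, tag = m.groups()
    if not hmac.compare_digest(tag, _tag(body, key)):
        return None, None, "bad tag: fake or tampered request"
    padded = body + "=" * (-len(body) % 4)
    try:
        seq_str, command = base64.urlsafe_b64decode(padded).decode().split(":", 1)
        seq = int(seq_str)
    except (ValueError, UnicodeDecodeError):
        return None, None, "malformed body"
    if seq <= last_seq:
        return None, None, f"replayed command seq={seq}"
    words = command.split()
    verb = words[0] if words else ""
    if verb not in ALLOWED_VERBS:
        return None, None, f"unknown verb {verb!r}"
    return seq, command, None


def poll_timeline(tweets, key: bytes = SHARED_KEY, last_seq: int = 0):
    """Simulate one polling pass over the controller's timeline.

    Returns (executed, replies, rejected): the bot 'talks back' with an ack per
    accepted command; rejected holds the reason each other tweet was dropped.
    """
    executed, replies, rejected = [], [], []
    for tweet in tweets:
        seq, command, reason = decode_command(tweet, last_seq, key)
        if reason is not None:
            rejected.append(reason)
            continue
        last_seq = seq
        executed.append(command)
        replies.append(f"ack {seq}")   # would be posted from the bot's own account
    return executed, replies, rejected


# Constructed timeline: chatter, a real command, a forged one (tag of zeros),
# a replay of the first command, then a second real command.
_FORGED_BODY = base64.urlsafe_b64encode(b"1:update http://evil.example/x").decode().rstrip("=")
SAMPLE_TIMELINE = [
    "Great coffee this morning!",
    encode_command(1, "report"),
    f"cmd:{_FORGED_BODY}." + "0" * TAG_HEX,
    encode_command(1, "report"),
    encode_command(2, "sleep 60"),
]

if __name__ == "__main__":
    ex, rep, rej = poll_timeline(SAMPLE_TIMELINE)
    print("executed:", ex)
    print("replies: ", rep)
    print("rejected:", rej)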
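    Slide 72 says bot detection comes down to looking carefully for clues, because spammers are doing it wrong. The Python below is an added example for this page, not a tool from the talk or from socialnetworkbots.com: it scores constructed profiles modelled loosely on the "Bot or Not?" slides (a friendly-looking new account that only posts links, a "0EPb4a"-style handle, a real person with thousands of friends, and a celebrity impersonation). The clues, weights, and threshold are assumptions chosen for illustration. The last profile is there to show the caveat: an account built to be followed rather than to follow evades the follower-ratio clue entirely.

```python
import re
from dataclasses import dataclass, field


@dataclass
class Profile:
    handle: str
    followers: int
    following: int
    account_age_days: int
    default_avatar: bool
    posts: list = field(default_factory=list)


LINK_RE = re.compile(r"https?://\S+")
# Handles like "0EPb4a" alternate letters and digits; count letter/digit boundaries.
MIXED_RE = re.compile(r"(?=\d[A-Za-z]|[A-Za-z]\d)")
BOT_THRESHOLD = 4   # illustrative cut-off (assumption)


def handle_looks_generated(handle: str) -> bool:
    return len(MIXED_RE.findall(handle)) >= 2


def score_profile(p: Profile):
    """Return (score, reasons). Each clue is a plausible signal, not proof."""
    score, reasons = 0, []
    if p.following >= 100 and p.followers / max(p.following, 1) < 0.1:
        score += 2
        reasons.append(f"follows {p.following} but followed by only {p.followers}")
    if p.default_avatar:
        score += 1
        reasons.append("default avatar")
    if p.account_age_days < 7:
        score += 1
        reasons.append("account less than a week old")
    if handle_looks_generated(p.handle):
        score += 1
        reasons.append("machine-looking handle")
    if p.posts:
        link_ratio = sum(bool(LINK_RE.search(t)) for t in p.posts) / len(p.posts)
        if link_ratio >= 0.8:
            score += 2
            reasons.append(f"{link_ratio:.0%} of posts carry a link")
        if len(set(p.posts)) <= len(p.posts) // 2:
            score += 1
            reasons.append("same message posted over and over")
    return score, reasons


def triage(profiles, threshold: int = BOT_THRESHOLD):
    """Map handle -> (verdict, score, reasons) for a batch of profiles."""
    out = {}
    for p in profiles:
        score, reasons = score_profile(p)
        out[p.handle] = ("bot" if score >= threshold else "not a bot", score, reasons)
    return out


# Constructed profiles (assumed data, not accounts from the talk).
SAMPLE_PROFILES = [
    Profile("jennifer_2009", 12, 1800, 2, True,
            ["hey cutie, see my pics http://pics.example/j"] * 5),
    Profile("0EPb4a", 40, 900, 30, True,
            ["i like meeting people! http://shop.example/lapto",
             "cheap lapto's http://shop.example/lapto"]),
    Profile("haley", 4974, 4900, 700, False,
            ["omg friday", "anyone going tonight?", "lol"]),
    # Celebrity impersonation: followed rather than following, so the ratio
    # clue stays silent and only the account age fires.
    Profile("rickastley", 666, 12, 5, False,
            ["Never gonna give you up http://video.example/rr", "Thanks for following!"]),
]

if __name__ == "__main__":
    for handle, (verdict, score, reasons) in triage(SAMPLE_PROFILES).items():
        print(f"{handle:14} {verdict:10} score={score}  {'; '.join(reasons)}")
```

    Run as a script it prints one line per profile; the two spammy accounts score 7 and 6, Haley scores 0, and the fake celebrity scores only 1, which is why a scorer like this needs to be paired with behavioural signals (who the account messages, how fast) rather than profile shape alone.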
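    Slide 52 notes that rate limits are easy to bypass by slowing down, and slide 73 asks why multiple accounts can still be created from the same IP and proposes account-creation and message throttling. The Python below is an added example for this page (not a control from any social network) showing the two ideas together: a per-/24 burst limit that a patient bot beats simply by waiting, stacked with a daily cap that bounds how many accounts the slowed-down bot can still mint. The limits, windows, subnet granularity, and simulated signups are all assumptions; the same counter keyed by account instead of subnet serves friend-request or message throttling. Keying on the /24 rather than the single address means a bot rotating through one address block shares a budget, though a bot spread across unrelated networks still gets a fresh budget per subnet.

```python
import ipaddress
from collections import defaultdict, deque


class SlidingWindowCounter:
    """Count recorded events per key inside a trailing window of `window` seconds."""

    def __init__(self, limit: int, window: float):
        self.limit, self.window = limit, window
        self._events = defaultdict(deque)    # key -> timestamps of recorded events

    def count(self, key, now: float) -> int:
        q = self._events[key]
        while q and now - q[0] >= self.window:
            q.popleft()                      # drop events that aged out of the window
        return len(q)

    def exhausted(self, key, now: float) -> bool:
        return self.count(key, now) >= self.limit

    def record(self, key, now: float) -> None:
        self._events[key].append(now)


class SignupThrottle:
    """Stacked per-/24 limits for account creation (illustrative policy, assumed).

    burst: at most `burst` signups in `burst_window` seconds, which a bot beats
    by slowing down; daily: a hard cap on signups from that subnet per 24 hours.
    """

    def __init__(self, burst: int = 3, burst_window: float = 600, daily: int = 5):
        self.burst = SlidingWindowCounter(burst, burst_window)
        self.daily = SlidingWindowCounter(daily, 86400)

    @staticmethod
    def key(ip: str) -> str:
        # Key on the /24 so a bot rotating addresses in one block shares a budget.
        return str(ipaddress.ip_network(f"{ip}/24", strict=False))

    def allow_signup(self, ip: str, now: float) -> bool:
        k = self.key(ip)
        if self.burst.exhausted(k, now) or self.daily.exhausted(k, now):
            return False                     # refused attempts do not consume quota
        self.burst.record(k, now)
        self.daily.record(k, now)
        return True


def simulate(throttle: SignupThrottle, ips, interval: float) -> list:
    """Attempt one signup per entry of `ips`, `interval` seconds apart, from t=0.

    Returns which attempts were allowed, in order (simulated clock, no network).
    """
    return [throttle.allow_signup(ip, i * interval) for i, ip in enumerate(ips)]


if __name__ == "__main__":
    # Constructed runs: a fast bot, the same bot after slowing down, and one
    # rotating through addresses inside a single /24.
    print("fast bot, one IP:  ", simulate(SignupThrottle(), ["10.0.0.5"] * 6, 60))
    print("slowed-down bot:   ", simulate(SignupThrottle(), ["10.0.0.5"] * 8, 700))
    print("rotating in a /24: ",
          simulate(SignupThrottle(), [f"10.0.0.{n}" for n in range(1, 6)], 5))
```

    The fast bot gets three accounts and is then refused for the rest of the ten-minute window; the bot that waits 700 seconds between signups never trips the burst limit but is stopped at five by the daily cap; the rotating bot is stopped at three because all of its addresses map to the same key.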

    Uploaded to SlideShare by agent0x0
