Rise of the Autobots: Into the Underground of Social Network Bots
 


How do you know that last friend request or Twitter follower was an actual live human being? The truth is...you don't! Bots and bot manufacturers have become rampant in social networks such as MySpace, Facebook and Twitter exploiting the trust relationships that make social media work. Why are bots taking control of social networks? It's simple. Social networks are the fastest growing phenomenon of our time. For example, Facebook alone recently reached 150 million potential targets for spammers, malware authors, and other undesirables in 2008. Social networks are only getting bigger and bots will be part of this trend.

This presentation will take you on a journey into the thriving bot underground where bots are manufactured for every purpose imaginable. We will talk about good bots, bad bots, really evil bots, how to identify bots, terminating bots and the future possibility of social network botnets to rule them all.

This was presented at Notacon 6 in Cleveland, Ohio.

Comments

  • Try downloading now. I disable downloads because all my presentations are in Keynote. Email me for a PDF version. Thanks!
  • It seems like you disabled downloading for all your slides. Not a very smart thing to do if you want to increase your profile within the government.
  • Relevant post on social networking bots here: http://freshdata.wordpress.com/2010/11/18/social-networking-bots-analyzing-the-rate-of-friendship/

    He does some cool research
  • This is ridiculous. Sometimes bots can be used as a means of informative service. It's all the way you think and use the technology. Try to make bots which are useful not distracting.

Speaker Notes

  • First...a warning!
  • Everyone knows what social networks are right? Heck..I was recently told by my mother that she has a Facebook account! Noooo....
  • I have to keep changing this slide because it keeps getting bigger!
  • Ummm, yeah..it still exists. The scourge of the Internet still has...
  • Poor LinkedIn...still...
  • However, Twitter...the fastest growing social network today...
  • This shouldn't shock you but social networks are more popular than email! It’s only getting bigger....
  • With socnets so popular, it’s no surprise it's where the attackers are going...
  • First, let's talk about the culture of trust that makes socnets work.
  • Socnets want you to share as much as possible, trust everyone..they are mining your data...they are not making money yet...but they have ways to sell bits and pieces of your info.
  • Why would bots exploit trust? Is this possible?
  • How about Jennifer? Cute..single...
  • and Tommy...college guy...seems friendly...
  • Poor Sarah. [READ IT]. Too bad she confirmed the bot as a friend at 8am and at noon, sent this message. Must be because she has 700 friends...
  • How about 0EPb4a...She likes meeting people and selling “lapto’s”
  • Now Haley...crappy profile..must be a bot right?
  • Not a bot! but with 4,974 friends...lots of FAIL
  • Ok, no way Rick Astley is a bot...
  • It’s amazing the response you get when you are a celebrity..people love u.
  • This could have been the biggest Rick Roll ever...except that I decided to stop once I hit 666 followers. Bad omen. Not good.
  • The point is that trust is easy to exploit...people want to trust..all these accounts were created or used with bots we will talk about. Rick is EVIL.
  • Let's talk about the rise of the bots on social networks...
  • It’s simple really...they automate mundane tasks, right?
  • Links to SPAM, malware, Porn..etc...we are all familiar.
  • But this is why spammers and others use bots...it's automation on a mass scale! Easy, multi-purpose, EFFECTIVE!
  • Let's dive into the bot underground to see how they function.
  • First, you have to understand the business model. Three main methods I have found in the bot underground.
  • Everything I have found is disguised as “Blackhat SEO”...

Presentation Transcript

  • Rise of the Autobots Into the Underground of Social Network Bots
  • Hi! I’m not a bot • Tom Eston • Social Media Security Researcher • Pentester • Bot lover • Blog: spylogic.net • Podcast: securityjustice.com • Tweet me: agent0x0
  • WARNING! What you are about to see violates the Terms of Service (TOS) and acceptable use policies of social networks! Accounts used in these tests have been deleted or “removed” (not by me...) Don't try this at home! KTHKSBAI
  • Social Networks
  • 200 Million Users
  • 110 Million Users
  • 35 Million Users
  • Grew 752% in 2008
  • 8 Million Visitors in March 2009
  • "Social Networks & Blogs are now the 4th most popular online activity, ahead of personal email." -Nielsen Online Report, March 2009
  • It’s a target rich environment...
  • The Culture of Trust
  • Why is trust important? • It’s how social networks work! • Trust EVERYONE! • Share as much as possible...the social networks don’t mind! • Social networks are mining your data!
  • Trust exploited by Bots??
  • Bot or Not?
  • BOT!! Bot or Not?
  • Bot or Not?
  • BOT!! Bot or Not?
  • FAIL!
  • Bot or Not?
  • BOT!! Bot or Not?
  • Bot or Not?
  • Not a Bot!
  • Not a Bot! But still... LOTS OF FAIL!
  • Bot or Not?
  • BOT!! Bot or Not?
  • Biggest Rick Roll ever?
  • What’s the point? • Trust is easy to exploit! • People will trust bots... • Accounts were created and used with tools we will talk about • Rick Astley is EVIL!
  • The Rise of the Bots
  • What are bots? “...perform tasks that are both simple and structurally repetitive at a much higher rate than a human alone.” “Applications that run automated tasks”
  • Ever see this?
  • Why use Bots? • Automation...on a mass scale • Easy to use • Multiple purpose • Malware, Blackhat SEO, phishing...pr0n! • Highly Effective
  • The Bot Underground
  • “It’s the “Spammers Choice!”
  • The Underground Business Model • Create and Sell accounts • Buy and Use accounts • Custom bot scripts and software (Freelancing)
  • It’s all about Blackhat SEO... • Not just for search engine rankings! • Evil Search Engine Optimization techniques... • PPC (Pay Per Click) • PPI (Pay Per Install) • Cookie Stuffing How money is made on the “net”
  • Want to know more?
  • What’s for Sale? • Hacked accounts • Hacked accounts w/friends (more friends, more $$) • Webmail accounts (verified) • Bot software/scripts • Services!
  • Example...
  • Let’s talk $$ • Facebook w/30+ Friends = $8 • Facebook Phone Verified = $5/$6 • 1,000 Gmail Accounts = $13 • 500 YouTube Accounts = $30
  • But there are controls in place, right?
  • What about CAPTCHA?
  • CAPTCHA=FAIL • Algorithms can be cracked • OCR technology • They have hawt chix • and if that doesn’t work...
  • OUTSOURCE IT!
  • OR...use Melissa! She wants you..srsly
  • What about Friend Request/ Messaging Controls...
  • Phone SMS Verification? • Great idea! But...can be broken..
  • It kind of works, but... • Prepaid cell phones • Overseas virtual SMS Services (SMS Receive) • SMS back to ICQ and Yahoo Messenger (works with some socnets)
  • How about rate Limits? • Easy to bypass...just test it, modify your code and/or slow down!
  • Types of Bots on Social Networks
  • Good Bots
  • Twitter Bots
  • n0taB0t • Tweets mindless rants.... • Likes to reply to you • Likes Notacon • Mostly harmless
  • Annoying Bots
  • Auto Follow/ Reply • Bots looking for “keywords” in your tweets...
  • Evil Bots
  • U-Bot
  • U-Bot in Action
  • Webdominator
  • Webdominator in Action
  • Need help?
  • Other Pay Services
  • Realboy • Project to make Twitter bots as human as possible! • Real interactions with your Twitter network • Source code available...
  • Social Network Botnets? • Malware distribution for C&C • Koobface! • DDoS botnet via third-party applications • Facebot! • Control a botnet via Twitter?
  • Twitter for Botnet C&C • Bot looks for commands on legitimate Twitter accounts • Takes action based on the command • Commands are obfuscated • Proof of Concept code released today at Notacon! • “TwitterBot” created by Robin Wood aka: @digininja
  • Twitterbot C&C In Action
  • TwitterBot Enhancements • add a hash (or part of) to the command to stop fake requests • encrypt the whole command (obfuscation) • get the bot to talk back Get it now at: http://www.digininja.org/twitterbot/
  • Is the end near? How to stop the bots!
  • Bot detection • Look carefully! • Lots of clues..spammers are doing it wrong! • Programs/APIs to detect (Twitter specific)
  • Some possible solutions... • Account creation/message throttling • Why can you still create multiple accounts from the same IP?? WTF? • No more opt-in developer models! • Education of users? We can try...the socnets won’t!
  • But wait...there’s more! • socialnetworkbots.com • open source project • Twitter and other bots (n0tab0t).... • get the code...don’t use your real account! • Twitterbot Command & Control POC Code: www.digininja.org/twitterbot
  • Questions?
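
The "Some possible solutions" slide asks for account creation throttling and questions why multiple accounts can be created from the same IP, while the rate-limit slide notes that a bot can simply slow down. The following is an added example, not code from the talk or its projects: a sliding-window signup throttle keyed by source IP, showing that a burst-only limit misses a slowed-down bot while a layered daily cap still catches it. The class name, limits and sample events are assumptions constructed for illustration.

```python
from collections import defaultdict, deque


class SignupThrottle:
    """Sliding-window caps on account creation per source IP (hypothetical limits)."""

    def __init__(self, limits=((60, 2), (86400, 5))):
        # Each limit is (window_seconds, max_signups): a burst cap and a daily cap.
        self.limits = sorted(limits)
        self.horizon = self.limits[-1][0]
        self.accepted = defaultdict(deque)  # ip -> timestamps of accepted signups

    def allow(self, ip, now):
        q = self.accepted[ip]
        # Forget signups older than the longest window.
        while q and now - q[0] >= self.horizon:
            q.popleft()
        # Reject if any window is already at its cap.
        for window, cap in self.limits:
            if sum(1 for t in q if now - t < window) >= cap:
                return False
        q.append(now)
        return True


def replay(throttle, signups):
    """Feed (timestamp, ip) events in time order; return the rejected (ip, timestamp) pairs."""
    return [(ip, ts) for ts, ip in sorted(signups) if not throttle.allow(ip, ts)]


# Constructed sample traffic (documentation-range addresses, timestamps in seconds).
BURST = [(i * 5, "198.51.100.7") for i in range(4)]           # 4 signups in 15 s
SLOW = [(1000 + i * 3600, "203.0.113.9") for i in range(8)]   # 1 signup per hour
HUMAN = [(50, "192.0.2.33")]                                  # a single signup


def demo():
    events = BURST + SLOW + HUMAN
    burst_only = replay(SignupThrottle(limits=((60, 2),)), events)
    layered = replay(SignupThrottle(), events)
    return burst_only, layered


if __name__ == "__main__":
    burst_only, layered = demo()
    print("burst-only limit rejects:", burst_only)
    print("burst + daily cap rejects:", layered)
```

Per-IP caps alone penalise users behind shared NAT, so in practice the key is usually combined with other signals such as the phone verification discussed earlier in the deck.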