Critical.
Authoritative.
Strategic.
Subscribe to CIO Magazine »

Facebook easily infiltrated by data-harvesting bots, researchers find

Researchers build network of social bots to test how many Facebook users befriend them

Facebook's fake account detection mechanisms can be defeated 80 percent of the time with the help of automated tools, researchers from the University of British Columbia (UBC) have found after an eight-week test.

The research team, composed of Yazan Boshmaf, Ildar Muslukhov, Konstantin Beznosov, and Matei Ripeanu, created a network of 102 bots designed to mimic humans on social networks, and released them on Facebook with the intent of befriending as many users as possible and collecting private information.

"Creating a user account on an OSN [online social network] involves three tasks: providing an active email address, creating a user profile, and sometimes solving a CAPTCHA. [...] We argue that an adversary can fully automate the account creation process," the researchers wrote in a research paper which they plan to present at the 27th Annual Computer Security Applications Conference next month.

This is not a new type of attack: malware threats like Koobface have long used automatically created accounts to spam malicious links. This pushed Facebook to develop specialized detection mechanisms over the years.

Unfortunately, these defense systems are not effective enough, according to UBC researchers. The social bots they unleashed onto Facebook targeted 5,053 randomly selected users to whom they sent friend requests.

The rate at which the targeted individuals accepted these requests was 20 percent on average, with bots using female profiles having better success. However, the rate tripled when the bots started targeting friends of those who had accepted requests.

After befriending new users, the automated programs scraped their profiles, news feeds and wall posts for personal information. The collected data included things like gender, birth date, place of employment, names of attended schools, home city, current city, mail address, email address, phone number, IM account IDs and marital status.

The researchers stopped their test when the Internet traffic it generated became too heavy. The social bot network sent 3GB of data and received approximately 250GB over the course of eight weeks.

During this time, Facebook's real-time protection system only blocked 20 of the 100 fake profiles. However, on closer investigation, it was determined that those profiles were actually flagged as spam by other users.

"Our results show that (1) OSNs, such as Facebook, can be infiltrated with a success rate of up to 80%, (2) depending on users' privacy settings, a successful infiltration can result in privacy breaches where even more users' data are exposed when compared to a purely public access, and (3) in practice, OSN security defenses, such as the Facebook Immune System, are not effective enough in detecting or stopping a large-scale infiltration as it occurs," the researchers said.

Malware experts acknowledge Facebook's efforts to block automated account creation attempts on its social network. According to antivirus vendor BitDefender, the number of threats that use such techniques has decreased considerably during the past two years.

"This shift is mostly due to the fact that Facebook is continually working on improving the network's security, but, no matter the effort, cybercrooks still find ways to sneak in," Bogdan Botezatu, a spokesman for the company, said.

However, there is still a significant amount of malware that abuses already compromised accounts in order to spread on the social network. "There are numerous variants of different botnets that attempt to login to Facebook in order to spread adware or unwanted software," Adam Thomas, a threat researcher at GFI Software said.

In order to protect both their private information and their computers, social networking users should avoid accepting friend requests from unknown individuals and always be wary of links sent to them, even when the people who sent them are friends.

Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.

More about: BitDefender, CHA, etwork, Facebook, GFI
References show all

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.
Users posting comments agree to the CIO comments policy.
Login or register to link comments to your user profile, or you may also post a comment without being logged in.
Related Coverage
Related Whitepapers
Latest Stories
Community Comments
Tags: antispam, antivirus, Facebook, Identity fraud / theft, internet, Internet-based applications and services, malware, security, social media
Latest Blog Posts
Whitepapers
  • The mobile print enterprise - How IT consumerisaton is driving anytime, anywhere printing
    The widespread adoption of smartphones and tablets, across Android, BlackBerry and Apple iOS platforms, has broadened the effectiveness of professional workers to remotely support business requirements. A continued reliance on printing amongst many businesses means IT must provide enterprise mobile printing capabilities that are secure and reliable. This not only ensures employees remain productive but also allows mobile printing to be tracked and controlled – vital in an era when many businesses face financial, environmental and security concerns. Read more.
    Learn more »
  • Removing BPM Silos to Unleash Process Power - 15 Best Practices for Enterprise BPM
    You are about to get a lot smarter about Enterprise Business Process Management (BPM ). T his article is the first in a series of our soon-to-be-published book, “The Intelligent Guide to Enterprise BPM .” So consider this first article your all-important primer.
    Learn more »
  • Avaya Deploys the Avaya Desktop Video Device with the Avaya Flare® Experience
    A revolutionary new video collaboration device, the Avaya Desktop Video Device has been making waves in the communications industry ever since Avaya introduced the product in the fall of 2010. Avaya’s own employees have been among the earliest users and have seen first-hand how the product can improve collaboration and make people more efficient and effective. Read more.
    Learn more »
All whitepapers
rhs_login_lockGet exclusive access to Invitation only events CIO, reports & analysis.
Recent comments