Researchers Infiltrated Facebook Using One Experimental Botnet
A botnet that 4 security researchers built was recently used to infiltrate Facebook to show how easy it was for exploiting social-networking websites. PCWorld.com published this on November 2, 2011.
Reportedly, the experiment had the researchers from the University of British Columbia use a huge 102 fake friends on Facebook to demonstrate how it was possible to dig out personal information related to users that otherwise weren't openly shared on the website and the insufficiency of its protective measures for tackling an enormous size of infiltration.
The researchers, who carried out the scheme for 8 weeks, garnered 250GB of data from numerous members of the social network and over 3,000 members befriended the "sockpuppet" bots; as a result, the network accessed over 1m profiles.
Also, the researchers in their simulated attack against Facebook utilized one novel type of bot-network known as "socialbot." This one is different from other bots in that it behaves like a human. Consequently, it gains an advantageous stature within the social-networking website that of a "friend."
Incidentally, it costs just $29 to buy socialbots that cyber-criminals profusely use today, the researchers note.
Elaborating on the experiment, the researchers stated that when socialbots invaded one targeted social-networking site, they could additionally dig out its members' information including phone numbers, e-mail ids along with their financial information. Thinq.co.uk published this on November 2, 2011.
The above data could be useful for miscreants seeking to create profiles online as well as execute huge phishing or spam scams, the researchers added.
Responding to the aforementioned experiment, Facebook stated that the situation could hardly happen for real as the bots' Internet Protocol addresses had a connection with an academic institutional source that everyone trusted, while the Internet Protocol addresses the actual miscreants utilized would have resulted in anxiety. Bbc.co.uk published this on November 2, 2011.
A Spokesperson of Facebook stated that the company had many systems created for identifying bogus accounts as also restricting abrasion of data. Further, there was a continuous updating of such systems for enhancing their efficacy as also for tackling fresh types of assaults, the Spokesperson added. Bbc.co.uk reported this.
» SPAMfighter News - 09-11-2011