Researchers steal Facebook user data with army of socialbots

Leeky


Researchers at the University of British Columbia, Vancouver used a small array of scripts programmed to pass themselves off as real people to steal 250GB of personal information from Facebook users in just eight weeks.

As part of a study on social network security, they created 102 "socialbots", each with the name and picture of a fictitious person, and used programming interfaces from iheartquotes.com to embed pseudo-random quotes into status updates. They also used Facebook interfaces to send friend requests to around 5,000 randomly chosen profiles.

To avoid triggering fraud detection systems, they limited friend requests to around 25 per day. Within two weeks, 976 of them, or 19 percent, had been accepted. They found that requests were more likely to be accepted when they showed mutual friends.

In the second round, 2,079 of the 3,517 requests sent, or 59 percent, were accepted, and with further refinements they achieved a success rate of around 80 percent in later rounds of friend requests.

Once accepted, they sent friend requests to the friends of those new friends, and so on, collecting every piece of information as they went, mostly from users sharing personal information with friends only.

Facebook employs a defence known as the Facebook Immune System, designed to automatically flag fake profiles, but the researchers found it did very little to contain the experiment. Only about 20 percent of the fake profiles were stopped by the tool, mostly as a result of users reading the fake profiles' feeds and subsequently reporting them.

Facebook declined to comment when asked specifically about the results of the study by The Register, but the company did say: “We use a combination of three systems here to combat attacks like this – friend request and fake account classifiers, and rate-limiting techniques. These classifiers block and disable inauthentic friend requests and fake accounts while rate-limiting truncates the damage that can be done by any one entity.”

Facebook users are reminded to only accept friend requests from people they know and trust. The researchers will present their findings (PDF) at next month's Annual Computer Security Applications Conference in Orlando, Florida.


 
“We use a combination of three systems here to combat attacks like this – friend request and fake account classifiers, and rate-limiting techniques. These classifiers block and disable inauthentic friend requests and fake accounts while rate-limiting truncates the damage that can be done by any one entity.”

I believe you, ignore the rest of the article
 
OH NOES!!!!!!!!!!!!! they have my useless info!!!! what will i ever do?????
 
The real weakness in here is the people wanting to have more "friends", else just check your "friends" list on any social network, I bet that most of the people have at least 1 person who they don't really know at all!
 
I wonder how much the Facebook games tie into this. I don't play them myself, but from what I understand, the more friends you have, the more items you get in your game. So people accept friend requests from anyone just to build up their game numbers. There's a lady in our office who plays 2-3 of the Facebook games and has over 700 friends. But really only personally knows maybe 30 of them. She could care less about their personal info - and as soon as she accepts some stranger as a friend to build up her gaming stats, immediately blocks their posts from her view.
 
Quote "and with further refinements they managed to achieve a success rate of around 80-percent in later rounds of friendship requests"

I'm guessing most Facebook users must be either vain, stupid, or lonely to produce such a staggering figure.
 
I'm not "best friends" with everyone on my Facebook friends list but I do know they are real people and I was friends with them at one point in my life if they are on my friends list. The reason people's privacy gets exposed so badly is mostly just because of their own lack of common sense. I'm not saying that's the only reason, just the biggest reason.
 
Guest said:
OH NOES!!!!!!!!!!!!! they have my useless info!!!! what will i ever do?????

While it may not be a big deal for you.. looking at some of my friends' profiles, they put like all of their personal details on there. $ waiting to be farmed.
 
Guest said:
Facebook data poorly secured, nothing new here, move along...

It doesn't matter if the data required a retinal scan and a 5 million bit encryption key to access if you just open the door to strangers.

Don't blame Facebook because its users are so stupid that they just accept friend requests from anything and anyone.
 
Just don't put any information on your profile. Your friends should know who you are anyways. Besides, Facebook sells this info to ad companies.
 