Facebook, the Poisoned Network: 83 Million Questionable Profiles

Friday, August 03, 2012

Pierluigi Paganini


(Translated from the original Italian)

Crazy... a year ago on a warm June evening, I began to formalize some ideas on a concept of great relevance today, “social network poisoning”.

I am the person who coined the term, proposing it to the security community with the help of some colleagues who share my ideas, such as Andrea Zapparoli Manzoni and Kalos Bonasia.

I described it in detail on Wikipedia, which then demonstrated great ignorance and arrogance by banning the post, saying it was not supported by any official studies.

Today I want to discuss news published on the BBC website about Facebook filings made public this week, which state that 8.7% of its 955 million active accounts broke its rules.

But what does it mean? What are the repercussions from the security perspective?

Let's start with the simple cases: users' duplicate profiles, which account for around 4.8% of the total number of registered users. Then we have the "User-misclassified accounts", which amounted to 2.4%, such as profiles related to pets, objects or businesses. Another 1.5% is composed of users classified as "undesirable".

From the economic perspective, social networks have an undisputed marketing value related to the critical mass of users, with millions of people exchanging information daily.

A good chunk of the planet is ensnared by these powerful networks, but 8.3 million of the accounts are not related to real individuals, and this represents a loss in the economic power attributed to the popular company, at least in commercial terms, which is related solely to the audience attainable by advertising and commercial operations.

Social networks are also an excellent tool for massive information gathering and mass conditioning; thanks to social networks it is possible to build a detailed profile of any user, analyzing their relationships and posts and retrieving data on their geolocation in real time.

Why would a user need a fake account?

Well, for sure because they may desire anonymity without leaving the social network realm, but there is also another reason: cyber espionage and conditioning. Fake accounts can be used for the following purposes, as I described in my "Social Network Poisoning" definition.

  • Replacement of identity, which is the ability to impersonate someone else for a variety of purposes, from intelligence to social engineering.
  • Simulation of identity, creating a false profile, which does not correspond to any existing person, for malicious purposes or simply to remain anonymous.
  • Profile fuzzing, the deliberate introduction of false and/or non-matching elements into your profile to deceive intelligence systems, to prevent OSINT activities, or for other forms of personal gain.
  • Social graph fuzzing, associating with groups and people that have nothing to do with one's interests and relations, with the intention of introducing "noise" into one's social graph.

Do you think it is not enough?

There are also personal / social bots: the creation of a significant number of fake profiles (e.g. millions of fake profiles) managed by machines capable of interacting with each other and with real users, thus changing the "sentiment" and "conversation" on a large scale, as well as altering the social graph and precluding meaningful correlations of data.

Black curation is the use of real compromised users or fictitious ones to speak on topics on which you want to change the discourse, or to create new ad-hoc conversations. An analogy is the use of black SEO (search engine optimization).

Social networks are also considered a haven for cybercrime (identity theft, spam and financial fraud): crimes are being committed, and obviously false accounts are the main tool to achieve this.

The article published by the BBC relates the experience of a correspondent, Rory Cellan-Jones, who set up a fake company called VirtualBagel to investigate allegations of fake "likes".

His investigation found that the large majority of "likes" for the fake firm originated from the Middle East and Asia via fake accounts.

Last week, the digital distribution firm Limited Press, based on the results obtained with its own analytics software, concluded that 80% of clicks on its advertisements within Facebook had come from fake users.

Guys, we are speaking of 80% of the total amount, and the company also added:

"Bots were loading pages and driving up our advertising costs. So we tried contacting Facebook about this. Unfortunately, they wouldn't reply. Do we know who the bots belong too [sic]? No. Are we accusing Facebook of using bots to drive up advertising revenue. No. Is it strange? Yes."

This data is worrisome, and it demonstrates that the model on which social networking is founded will continue to be increasingly compromised for the reasons described.

Social Networks are poisoned!

Over a year ago we said all this to the lords of Wikipedia, who banned my post. Fortunately Wikipedia Italy has not removed it... but my words still ended up in the wind! Or am I too the victim of a Wikipedia bot? But that is another story!

Special thanks to two great professionals and colleagues, Andrea Zapparoli Manzoni & Kalos Bonasia.

Cross-posted from Security Affairs

Kathleen Jungck: I think you glossed over some legitimate uses of duplicate profiles - legal pseudonyms and functional semi-anonymity. Many authors, especially those who write fiction in a genre considered incompatible with their "day job", or use a separate pseudonym for each genre, maintain multiple social profiles. In essence, this is no different than a business owner having a "business" and "personal" profile.

Some info sec professionals maintain pseudo social profiles due to employer restrictions on revealing their association for security reasons, and the pseudo profiles allow them to interact on a social level.

Other users do so to winnow the cascades of incoming feeds -- a Seattle radio station was discussing the problem of being slammed with unrelated drivel during the commute Tuesday (8/6) morning.

I worry about the purposeful "poisoning" of an individual's "brand" and reputation over social media sites where user identity is not verified, as was noted happening to the UK media mogul.
Pierluigi Paganini: Hi Kathleen, thank you for the comments. Being social, in my opinion, is sharing personal feelings in a public square named social network. Duplicating makes no sense, but as you say it happens; it happens for work, for pleasure, out of boredom, for hacking ... but it happens.
83 million accounts are questionable ... no doubt. They are duplicates, non-human persons and undesirable accounts ... they have a value anyway, also economic for stakeholders.
IMHO the number of questionable accounts is much higher and many of them are under the umbrella I named "poisoning".
Thanks
Have a great day
PL