Rise of the Autobots: Into the Underground of Social Network Bots

How do you know that last friend request or Twitter follower was an actual live human being? The truth is...you don't! Bots and bot manufacturers have become rampant in social networks such as MySpace, Facebook and Twitter, exploiting the trust relationships that make social media work. Why are bots taking control of social networks? It's simple. Social networks are the fastest growing phenomenon of our time. For example, Facebook alone recently reached 150 million potential targets for spammers, malware authors, and other undesirables in 2008. Social networks are only getting bigger and bots will be part of this trend.

This presentation will take you on a journey into the thriving bot underground where bots are manufactured for every purpose imaginable. We will talk about good bots, bad bots, really evil bots, how to identify bots, terminating bots and the future possibility of social network botnets to rule them all.

This was presented at Notacon 6 in Cleveland, Ohio.


  1. Rise of the Autobots: Into the Underground of Social Network Bots
  2. Hi! I’m not a bot • Tom Eston • Social Media Security Researcher • Pentester • Bot lover • Blog: spylogic.net • Podcast: securityjustice.com • Tweet me: agent0x0
  3. WARNING! What you are about to see violates the Terms of Service (TOS) and acceptable use policies of social networks! Accounts used in these tests have been deleted or “removed” (not by me...) Don't try this at home! KTHKSBAI
  4. Social Networks
  5. 200 Million Users
  6. 110 Million Users
  7. 35 Million Users
  8. Grew 752% in 2008
  9. 8 Million Visitors in March 2009
  10. "Social Networks & Blogs are now the 4th most popular online activity, ahead of personal email." -Nielsen Online Report, March 2009
  11. It’s a target rich environment...
  12. The Culture of Trust
  13. Why is trust important? • It’s how social networks work! • Trust EVERYONE! • Share as much as possible...the social networks don’t mind! • Social networks are mining your data!
  14. Trust exploited by Bots??
  15. Bot or Not?
  16. BOT!! Bot or Not?
  17. Bot or Not?
  18. BOT!! Bot or Not?
  19. FAIL!
  20. Bot or Not?
  21. BOT!! Bot or Not?
  22. Bot or Not?
  23. Not a Bot!
  24. Not a Bot! But still... LOTS OF FAIL!
  25. Bot or Not?
  26. BOT!! Bot or Not?
  27. Biggest Rick Roll ever?
  28. Biggest Rick Roll ever?
  29. Biggest Rick Roll ever?
  30. Biggest Rick Roll ever?
  31. What’s the point? • Trust is easy to exploit! • People will trust bots... • Accounts were created and used with tools we will talk about • Rick Astley is EVIL!
  32. The Rise of the Bots
  33. What are bots? “...perform tasks that are both simple and structurally repetitive at a much higher rate than a human alone.” “Applications that run automated tasks”
  34. Ever see this?
  35. Why use Bots? • Automation...on a mass scale • Easy to use • Multiple purpose • Malware, Blackhat SEO, phishing...pr0n! • Highly Effective
  36. The Bot Underground
  37. “It’s the “Spammers Choice!”
  38. The Underground Business Model • Create and Sell accounts • Buy and Use accounts • Custom bot scripts and software (Freelancing)
  39. It’s all about Blackhat SEO... • Not just for search engine rankings! • Evil Search Engine Optimization techniques... • PPC (Pay Per Click) • PPI (Pay Per Install) • Cookie Stuffing How money is made on the “net”
  40. Want to know more?
  41. What’s for Sale? • Hacked accounts • Hacked accounts w/friends (more friends, more $$) • Webmail accounts (verified) • Bot software/scripts • Services!
  42. Example...
  43. Let’s talk $$ • Facebook w/30+ Friends = $8 • Facebook Phone Verified = $5/$6 • 1,000 Gmail Accounts = $13 • 500 YouTube Accounts = $30
  44. But there are controls in place, right?
  45. What about CAPTCHA?
  46. CAPTCHA=FAIL • Algorithms can be cracked • OCR technology • They have hawt chix • and if that doesn’t work...
  47. OUTSOURCE IT!
  48. OR...use Melissa! She wants you..srsly
  49. What about Friend Request/ Messaging Controls...
  50. Phone SMS Verification? • Great idea! But...can be broken..
  51. It kind of works, but... • Prepaid cell phones • Overseas virtual SMS Services (SMS Receive) • SMS back to ICQ and Yahoo Messenger (works with some socnets)
  52. How about rate Limits? • Easy to bypass...just test it, modify your code and/or slow down!
  53. Types of Bots on Social Networks
  54. Good Bots
  55. Twitter Bots
  56. n0taB0t • Tweets mindless rants.... • Likes to reply to you • Likes Notacon • Mostly harmless
  57. Annoying Bots
  58. Auto Follow/ Reply • Bots looking for “keywords” in your tweets...
  59. Evil Bots
  60. U-Bot
  61. U-Bot in Action
  62. Webdominator
  63. Webdominator in Action
  64. Need help?
  65. Other Pay Services
  66. Realboy • Project to make Twitter bots as human as possible! • Real interactions with your Twitter network • Source code available...
  67. Social Network Botnets? • Malware distribution for C&C • Koobface! • DDoS botnet via third-party applications • Facebot! • Control a botnet via Twitter?
  68. Twitter for Botnet C&C • Bot looks for commands on legitimate Twitter accounts • Takes action based on the command • Commands are obfuscated • Proof of Concept code released today at Notacon! • “TwitterBot” created by Robin Wood aka: @digininja
  69. Twitterbot C&C In Action
  70. TwitterBot Enhancements • add a hash (or part of) to the command to stop fake requests • encrypt the whole command (obfuscation) • get the bot to talk back Get it now at: http://www.digininja.org/twitterbot/
  71. Is the end near? How to stop the bots!
  72. Bot detection • Look carefully! • Lots of clues..spammers are doing it wrong! • Programs/APIs to detect (Twitter specific)
  73. Some possible solutions... • Account creation/message throttling • Why can you still create multiple accounts from the same IP?? WTF? • No more opt-in developer models! • Education of users? We can try...the socnets won’t!
  74. But wait...there’s more! • socialnetworkbots.com • open source project • Twitter and other bots (n0tab0t).... • get the code...don’t use your real account! • Twitterbot Command & Control POC Code: www.digininja.org/twitterbot
  75. Questions?
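
Slide 73 proposes account-creation throttling and asks why multiple accounts can still be created from one IP, while slide 52 notes that a single rate limit is bypassed by slowing down. The sketch below is an added example, not code from the presentation or from any social network: a per-IP signup throttle that pairs a short burst window with a 24-hour cap so that a slowed-down run is still caught. The limits, class and function names, and sample events are all assumptions constructed for illustration.

```python
from collections import defaultdict, deque

# Hypothetical limits (assumptions, not values from the slides).
BURST_WINDOW, BURST_MAX = 600, 3      # at most 3 signups per IP per 10 minutes
LONG_WINDOW, LONG_MAX = 86400, 5      # at most 5 signups per IP per 24 hours


class SignupThrottle:
    """Per-IP account-creation throttle with a burst window and a long window."""

    def __init__(self):
        self._seen = defaultdict(deque)  # ip -> timestamps of accepted signups

    def check(self, ip, ts):
        """Return (allowed, reason) for a signup from `ip` at epoch second `ts`."""
        q = self._seen[ip]
        while q and ts - q[0] >= LONG_WINDOW:   # drop entries older than 24 h
            q.popleft()
        if len(q) >= LONG_MAX:
            return False, "long-window cap"
        if sum(1 for t in q if ts - t < BURST_WINDOW) >= BURST_MAX:
            return False, "burst cap"
        q.append(ts)
        return True, "ok"


def replay(events):
    """Feed (ts, ip, username) events in time order; return the blocked ones."""
    throttle = SignupThrottle()
    blocked = []
    for ts, ip, user in sorted(events):
        allowed, reason = throttle.check(ip, ts)
        if not allowed:
            blocked.append((user, reason))
    return blocked


# Constructed sample data: 203.0.113.7 signs up every 30 s, 198.51.100.9
# "slows down" to one signup per 20 minutes, 192.0.2.44 signs up once.
SAMPLE = (
    [(i * 30, "203.0.113.7", f"fast{i}") for i in range(5)]
    + [(i * 1200, "198.51.100.9", f"slow{i}") for i in range(7)]
    + [(500, "192.0.2.44", "alice")]
)

if __name__ == "__main__":
    for user, reason in replay(SAMPLE):
        print(f"blocked {user}: {reason}")
```

Keying on source IP alone also counts legitimate users behind shared NAT or carrier gateways, so in practice the blocked result is better treated as a trigger for extra verification than as a hard deny.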