3/5/2010
12:46 PM
Keith Ferrell
Keith Ferrell
Commentary

Twitter Attacks Get Automated

A security researcher has released an automated social network attack tool in an attempt to show just how vulnerable social nets are.



A security researcher has released an automated social network attack tool in an attempt to show just how vulnerable social nets are.Core Security vulnerability researcher Pedro Varangot thinks social nets are the next big frontier for automated spear phishing attacks, and at RSA he released code that he thinks proves it.

Rising user wariness about e-mail is leading to diminishing returns for phishers. As a consequence, Varangont argues, the spear phishers, whose success with targeted scams and come-ons shows the effectiveness of approaching targets by name.

Name games are where Varangot's approach gets started, building a false but convincing clone of an existing Twitter user, then using the fake to attract followers and seduce them into scams.

Varangot targeted Twitter for the demonstration because it was the easiest social net on which to make his point. But his point also included observations about how simply the technique could be applied to other social nets, search engines and instant messaging services.

Bad as spear phishing has been, Varangot predicts that "even more dangerous on social networks/"

Comment  | 
Email This  | 
Print  | 
RSS
More Insights
Copyright © 2021 UBM Electronics, A UBM company, All rights reserved. Privacy Policy | Terms of Service