1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Crackdowns on Social Media Accounts Backfire by Driving up Demand

Discussion in 'BlackHat Lounge' started by Asif WILSON Khan, Apr 18, 2017.

  1. Asif WILSON Khan

    Asif WILSON Khan Executive VIP Jr. VIP

    Joined:
    Nov 10, 2012
    Messages:
    11,436
    Likes Received:
    32,336
    Gender:
    Male
    Occupation:
    Fun Lovin' Criminal
    Location:
    London
    Home Page:
    Facebook shut down as many as 30,000 fake accounts in the past week — but that's unlikely to hurt the multi-million-dollar spam industry.

    In fact, since Facebook's post-election housecleaning, it's become even more lucrative for spammers to pump out "inauthentic accounts." The asking price on the black market for 1,000 fake accounts used to be $20, but security changes by the social network giant only succeeded in driving up prices.

    "If you go to the underground markets where they sell fake Facebook accounts, you can buy 1,000 of these for $300 to $400," Damon McCoy, a New York University computer science professor specializing in cybercrime, told NBC News. "In terms of economics of replacing these 30,000 accounts, they took down something, but perhaps not as much as you might think."

    Fake social media accounts are pumped out by programmers in places like Russia, or are registered manually by humans in “farms” in countries like India, where labor is cheap. Jason Alden / Bloomberg via Getty file
    The flurry of account closing — all "users" were based in France — was an attempt by Facebook to head off interference in the French presidential election, following fierce criticism for the network's role in the proliferation of "fake news" during the 2016 U.S. presidential election.

    "We've made improvements to recognize these inauthentic accounts more easily, by identifying patterns of activity — without assessing the content itself," said Facebook in a statement. "For example, our systems may detect repeated posting of the same content, or an increase in messages sent."

    "Going forward, the advances we have made to our detection systems will help us ... keep our platform safe," the statement continued.

    Spam Farms
    Prices for other fake social media accounts — which, like fake Facebook accounts, are created either automatically by programmers in places like Russia, or are registered manually by humans in "farms" in countries like India, where labor is cheap — remain low. At time of writing, one Russian account-selling site asked only $900 for 20,000 Twitter accounts with confirmed email addresses.

    Related: As Many as 48 Million Twitter Accounts Aren't People, Says Study

    Spammers are getting smarter as well, squeezing more money out of each individual account by moving to harder-to-detect money-making methods, like advertising revenue from the spread of false news stories.

    But perhaps of greater concern are the geopolitical effects spam can now cause, said Marcus Rogers, director of Purdue University's Cyber Forensics Lab.

    "For pretty much any election right now, there's this big concern there's going to be manipulation by what we would consider to be spammers and the fake news folks," Rogers said, citing allegations of cyber interference in the 2016 election and concerns over similar interference in the upcoming French presidential elections.

    Traditional email spamming, which focused on selling counterfeit pharmaceuticals and scams targeted at individuals, never had that sort of impact, Rogers noted.

    The Return of Email Spam
    New avenues like social media had, for years, reduced the amount of spam over classic "attack vectors" like email, Rogers said. But research shows email spam is reemerging and refocusing.

    Guests in the Facebook Lounge ahead of the first Republican presidential debate at Quicken Loans Arena in Cleveland, Ohio on Aug. 6, 2015. Andrew Harrer / Bloomberg via Getty file
    In technology conglomerate Cisco's 2017 Cybersecurity Report, researchers found a resurgence of email spam, which had risen to levels not seen since 2010. The spam — much of it pushed by botnets, networks of computers controlled by malicious software, usually without the owners' knowledge — accounted for 65 percent of email.

    Still, global email spam volume falls short of its 2010 highs, said Jaeson Schultz, a threat researcher with Talos, Cisco's security research arm. But even at the lower volume, Talos blocks roughly 20 billion email threats each day.

    "Spam, I think, is going to exist in all of these platforms," Schultz said.

    But email spam has reemerged with a new focus. Now, spammers are frequently targeting businesses instead of individuals, according to the Cisco report.

    These attacks often mirror classic phishing scams, where a spammer will send an email, posing as someone else, and ask a corporate executive to initiate a wire transfer, often to an international bank from which the funds are unrecoverable, McCoy said.

    Related: Facebook Plans to Use Tech to Stop the Spread of Revenge Porn

    Other spammers are moving away from illegal activity, into gray markets, McCoy said. Instead of attempting to sell counterfeit drugs, spammers will push unproven herbal remedies, which are most often legal, or at least unregulated. They've also taken to hiring attorneys to draw up user agreements for their would-be victims.

    Keeping Up
    It's not likely spam will go away anytime soon, Rogers said. Like with viruses, which have afflicted consumers and the tech industry for the last 30 years, there may not be a permanent solution to spam, and the industry might have some catching up to do.

    "I would say we're about a year, year and a half behind," Rogers said. "And that's being optimistic."

    While Rogers, McCoy, and Schultz all agreed that some advances against spam had been made, cooperation within the tech industry is still the key to long-term success.

    "We all need to get together to be able to share information and try to combat these attacks with the idea that these folks that are trying to come in one door might try another door," Schultz said. "When you combine your resources, you really can make a difference in the security of the internet for everyone."


    SOURCE: http://www.nbcnews.com/tech/securit...edia-accounts-backfire-driving-demand-n746841
     
    • Thanks Thanks x 7
  2. Sherbert Hoover

    Sherbert Hoover Jr. Executive VIP Jr. VIP

    Joined:
    Dec 26, 2010
    Messages:
    993
    Likes Received:
    7,974
    Occupation:
    ORM - Branding - Content
    Location:
    United States
    Home Page:
    Heh. "Underground markets".

    Super secret hacker pros are registering at Black Cats World and purchasing Facebook accounts in bulk via a new payment processor called PayPal. Sources tell us they may be utilizing them for unsavory means. And may be connected with terrorist activity, as Isis also uses social media. Transitive property. Alert the presses.
     
    • Thanks Thanks x 2
  3. Turhan

    Turhan Regular Member

    Joined:
    May 1, 2016
    Messages:
    385
    Likes Received:
    188
    Occupation:
    I always learn from mistakes of others
    Location:
    ...who take my advice
    I feel like a super sexy afro ninja when I read news like this!
    I never knew it would one day be considered cool to spam. The "underground world of spammers" and phrases like that make me feel like a crack dealer.
     
  4. Mikaelo

    Mikaelo Regular Member

    Joined:
    Nov 10, 2013
    Messages:
    443
    Likes Received:
    102
    Location:
    Australia
    Quite an interesting post, cheers.

    Concerning what these accounts are being used for in light of the recent election scandals etc. It's all fun & games making a few bucks using FB for spam, but fucking with the world with propaganda pumped out by fake accounts sounds like some weird as fuck movie plot.

    What a time to be alive.
     
  5. tb303

    tb303 Power Member

    Joined:
    Dec 18, 2011
    Messages:
    731
    Likes Received:
    388
    hah paypal what a stupid name. That'll never catch on.
     
    • Thanks Thanks x 1