Tool Automates Targeted Attacks On Social Network Users - The Community's Center for Security


The central voice for Linux and Open Source security news

Welcome!

Sign up!

EnGarde Community

Polls

What is the most important Linux security technology?

	SELinux
	grsecurity
	CIS Benchmark
	Bastille Linux
	iptables
	LIDS

Advisories

Community

Linux Events

Linux User Groups

Link to Us

Security Center

Book Reviews

Security Dictionary

Security Tips

SELinux

White Papers

Featured Blogs

All About Linux

DanWalsh LiveJournal

Securitydistro

Latest Newsletters

Linux Security Week: May 14th, 2012

Linux Advisory Watch: May 10th, 2012

LinuxSecurity Newsletters

RSS Feeds

Get the LinuxSecurity news you want faster with RSS

Tool Automates Targeted Attacks On Social Network Users

User Rating:

How can I rate this item?

Source: Dark Reading - Posted by Anthony Pell

A researcher here today released a free tool that impersonates a Twitter user's account in order to execute automated targeted attacks on the person's followers. Pedro Varangot, a security researcher with Core Security Labs, says the group wrote the tool as a way to demonstrate and test for how social networks can be used for spear phishing. The initial version executes attacks on Twitter, but Varangot says it can be extended to work against Facebook and other social networks. The tool is based on Core's Exomind, an experimental Python-based framework written to test social network, search engines, and instant messaging attacks.

"We think spear phishing attacks are going to go [beyond] email because people aren't trusting email [as much] anymore," Varangot says. Social networks are already becoming a popular attack vector for spammers and worm attacks, and they make an attractive target for spear phishing, as well.

Read this full article at Dark Reading