Presented at DEF CON 17 (2009)
Aug. 2, 2009, 4 p.m.
In Social Zombies: Your Friends want to eat Your Brains, Tom Eston and Kevin Johnson explore the various concerns related to malware delivery through social network sites. Ignoring the FUD and confusion being sowed today, this presentation will examine the risks and then present tools that can be used to exploit these issues.
This presentation begins by discussing how social networks work and the various privacy and security concerns that are caused by the trust mass that is social networks. We use this privacy confusion to exploit members and their companies during our penetration tests.
The presentation then discusses typical botnets and bot programs. Both the delivery of this malware through social networks and the use of these social networks as command and control channels will be examined.
Tom and Kevin next explore the use of browser-based bots and their delivery through custom social network applications and content. This research expands upon previous work by researchers such as Wade Alcorn and GNUCitizen and takes it into new C&C directions.
Finally, the information available through the social network APIs is explored using the bot delivery applications. This allows for complete coverage of the targets and their information.
- Senior Security Analyst, InGuardians
Kevin Johnson is a Senior Security Analyst with InGuardians. Kevin came to security from a development and system administration background. He has many years of experience performing security services for fortune 100 companies, and in his spare time contributes to a large number of open source security projects.
Kevin founded and leads the development on B.A.S.E. (the Basic Analysis and Security Engine) project. The BASE project is the most popular web interface for the Snort intrusion detection system.
Kevin is an instructor for SANS, teaching both the Incident Handling and Hacker Techniques class and the Web Application Penetration Testing and Ethical Hacking class, which he is the author. He has presented to many organizations, including Infragard, ISACA, ISSA, RSA and the University of Florida.
- Social Media Security Researcher
Tom Eston is a penetration tester for a Fortune 500 financial services organization. Tom currently serves as the security assessment team lead. Tom began his career over twelve years ago as a systems and network administrator for several large and medium size businesses. He began his career in security by helping form an information security department for a real estate development company.
Tom is actively involved in the security community and focuses his research on the security of social media. He is a contributing author to a social media eBook and has written a Facebook Privacy & Security Guide which is used in several major universities as part of student security awareness programs. Tom is also a security blogger, co-host of the Security Justice podcast and is a frequent speaker at security user groups and conferences. Tom recently gave a talk at Notacon 6 titled "The Rise of the Autobots: Into the Underground of Social Network Bots".