Friend or Replicant: How Attackers Automate and Disguise Themselves in a Shroud of Authenticity to Gain Followers, Control Influence, and Malign Credit

Presented at BSidesSF 2021 Virtual, March 6, 2021, 3:15 p.m. (30 minutes).

Streaming at <https://youtu.be/ljBju-TONss> Join us at [r/BSidesSF](https://reddit.com/r/BSidesSF) on Reddit for live AMA style Q&A (2019) Is this "real"? This is the story of how attackers today leverage a variety of tools and tricks to impact the influence landscape at scale. Many have heard of "fake news" and know that those "friends," "matches," or "followers" might not all be real; the information we consume is inflated with likes and ratings generated by coordinated attackers utilizing anything from users' browsers to IoT devices. How are these fake accounts and likes and clicks created? To what extent are they "real"? This session will explore the fake account ecosystem, with specific focus on the lifecycle of a fake account and how specific tools and attacks are used to create likes and clicks; sometimes through automation and emulators, sometimes using real people through phone farms, mechanical turks, and sweatshops. We'll dissect the different main attack vectors and how they are being exploited: Content: repurposed to fit a different context, Access & Authentication: gained through Account Takeovers and credential cracking, Fake Accounts: created strategically to build trust, Usage: to emulate "real" users and not get caught Together, we’ll workshop practical steps to building an army of influencers (on a budget) using off-the-shelf tools and show some more advanced techniques seen in attacks today.

Presenters:

  • Anna Westelius
    Anna Westelius is a Scandinavian expat and Security Researcher, Analyst & hacking enthusiast turned technology strategist; currently on the Netflix Security team, leading their security services engineering organization.

Links:

Similar Presentations: