Members
Stats
  • Total Posts: 42802
  • Total Topics: 16016
  • Online Today: 2147
  • Online Ever: 51419
  • (01. January 2010., 10:27:49)









Author Topic: A group of Security Pro manipulate with forum posts using Spy Agency techniques  (Read 3247 times)

0 Members and 1 Guest are viewing this topic.

Samker

  • SCF Administrator
  • *****
  • Posts: 7528
  • KARMA: 322
  • Gender: Male
  • Whatever doesn't kill us makes us stronger.
    • SCforum.info - Samker's Computer Forum


A group of security professionals/online miscreants have found and themselves created thousands of online accounts to manipulate forum posts, popular news articles and mailing lists using techniques pioneered by the UK's GCHQ spy agency: https://firstlook.org/theintercept/2014/02/24/jtrig-manipulation/

Researchers Azhar Desa, Harron Meer and Marco Slaviero of Thinkst found posts created around controversial topics such as the Israeli-Palestinian conflict were being heavily manipulated by commentary developed by bash scripts using newly-registered accounts.

Using a since patched flaw in comment platform Disqus, researchers plucked email addresses from suspect profiles used in "sock-puppet" commentary and found those in question had identification numbers in sequence, were used across the same forums, repeated comments and bumped up each other's posts.

The identity of those behind the aliases was unknown.

The fake accounts were designed as supporters of Palestine and Islam, and opponents to Israel, Syria, Christianity and US President Barack Obama.

Researchers also found separate puppet armies influencing articles on Reddit, CNN, Al Jazeera and the Jerusalem Post generated by simplistic means that admins appeared unable to identify.

"Who is this sock puppet army? It's difficult to speculate – it's a simplistic attack, so we're not sure if this is because they lack the skills set, or if they were intending to be found," Slaviero told delegates at the Hack in the Box conference last month: http://conference.hitb.org/hitbsecconf2014kul/sessions/weapons-of-mass-distraction-sock-puppetry-for-fun-profit/ , Digital News Asia reported: http://www.digitalnewsasia.com/digital-economy/censorship-shadowy-forces-controlling-online-conversations?

The team, which was developing free tools to let everyone troll more effectively, used similar techniques to successfully influence popular news stories on the front page of The New York Times, South Africa's popular Mail and Guardian, Reddit, and mailing lists.

You could create accounts and share an article from the same IP for about 10,000 shares, and then you switch to another IP again, and that was enough to bump an article up 15 or so spots (on the Times) from the bottom of the list, he told Risky Business in a podcast interview: http://risky.biz/RB345

"We used one line in bash that allowed us to trivially create hundreds of [Disqus] accounts in a matter of seconds. The accounts are ordered by the number of likes so we could very easily bring a comment to the top or down to the bottom."

Once they discovered the weight each site placed on making a given post popular, such as the number of times emailed, shared on Twitter, or commented, they used bash scripts to manipulate popular posts.

In total they created 100 fake profiles on Disqus thanks they said to poor security, 30,000 on the New York Times, and registered Twitter profiles to pump out thousands of tweets: https://twitter.com/LailaBlunt , each slightly varied and containing a designated link.

The techniques were also used to successfully promote and downvote posts on some subreddits due to the fake commentary.

They posted fake emails to the popular Liberation Tech and Full Disclosure mailing lists in July using a control and experiment posts: https://mailman.stanford.edu/pipermail/liberationtech/2014-July/013972.html , the latter of which received replies from puppet accounts.

Unsurprisingly the email with sock puppet replies peaked the interest of humans receiving hundreds more hits than the control when results were tallied two days later.

Clicks fell as the pool of posts was diluted with 'distraction' emails from the scripts.

(ElReg)

Samker's Computer Forum - SCforum.info


devnullius

  • SCF VIP Member
  • *****
  • Posts: 3614
  • KARMA: 157
  • Gender: Female
    • SCForum.info
Are you still real, Samker?  :o

 ::)
More information about bitcoin, altcoin & crypto in general? GO TO  j.gs/7385484/btc

Cuisvis hominis est errare, nullius nisi insipientis in errore persevare... So why not get the real SCForum employees to help YOUR troubled computer!!! SCF Remote PC Assist http://goo.gl/n1ONa9

Samker

  • SCF Administrator
  • *****
  • Posts: 7528
  • KARMA: 322
  • Gender: Male
  • Whatever doesn't kill us makes us stronger.
    • SCforum.info - Samker's Computer Forum
Are you still real, Samker?  :o

 ::)

Hmmm... Yes !?


devnullius

  • SCF VIP Member
  • *****
  • Posts: 3614
  • KARMA: 157
  • Gender: Female
    • SCForum.info
haha :) Ok, I'll trust you  8)
More information about bitcoin, altcoin & crypto in general? GO TO  j.gs/7385484/btc

Cuisvis hominis est errare, nullius nisi insipientis in errore persevare... So why not get the real SCForum employees to help YOUR troubled computer!!! SCF Remote PC Assist http://goo.gl/n1ONa9

Samker's Computer Forum - SCforum.info


 

With Quick-Reply you can write a post when viewing a topic without loading a new page. You can still use bulletin board code and smileys as you would in a normal post.

Name: Email:
Verification:
Type the letters shown in the picture
Listen to the letters / Request another image
Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters):www.scforum.info:

Enter your email address to receive daily email with 'SCforum.info - Samker's Computer Forum' newest content:

Terms of Use | Privacy Policy | Advertising