Everyone is pretty much on Social Media these days like Facebook, Twitter, etc. The information people choose to put up and also seek definitely should not be done so carelessly, having a private profile doesn’t always keep away hackers from accessing information. Even a harmless, insignificant ‘like’ or comment can be found and then used to dig more information, thanks to Facebook’s Graph Search.
As explained in the following article; “Even if a person’s profile is locked down to strangers, their friends’ open profiles can be examined, giving an indication, for example, who the person may be close with.” A A team of hackers from the information security company Trustwave, were able to gather information of a high-profile public figure’s wife by mining and analyzing her public ‘likes’. FBStalker was the python script developed and used in the attack. It uses Graph Search to enter queries and pull out data and for example can find photos in which two people are tagged in, comments on profiles and more. With the pulled-out information, computer attacks such as spear-phishing and malware could be conducted by hackers. The script FBStalker does what would normally take a human to do in the matter of a couple seconds.
GeoStalker was another script developed by Trustwave where it “takes an address or a set of coordinates and searches for any data geotagged with the same values”. Again, here it can pull out photos and linked information from other social networking accounts such as Twitter, Instagram, Flickr, FourSquare, and so on.
The takeaway I found while analyzing this article is that as careful as we must be with our own post, we must also be mindful of our what our friends do as well. Indeed, it complicates matters even more so and thus the issue of privacy and security.
Kirk, J. (2013, October 17). Facebook ‘stalker’ Tool Uses Graph Search for Powerful Data Mining. Retrieved from http://www.cio.com: http://www.cio.com/article/741632/Facebook_39_stalker_39_Tool_Uses_Graph_Search_for_Powerful_Data_Mining?page=2&taxonomyId=3089