Who On Earth Is ”Mr. Cypher“: Automated Friend Injection Attacks on Social Networking Sites

Posted: June 14th, 2010 | Author: markus | Filed under: research, security | Tags: academia, computer security, Facebook, friendinjection, preprint, research, security | No Comments »

Abstract. Within this paper we present our novel friend injection attack which exploits the fact that the great majority of social networking sites fail to protect the communication between its users and their services. In a practical evaluation, on the basis of public wireless access points, we furthermore demonstrate the feasibility of our attack. The friend injection attack enables a stealth infiltration of social networks and thus outlines the devastating consequences of active eavesdropping attacks against social networking sites.

Preprint

http://friendinjection.nysos.net

This work is licensed under a Creative Commons Attribution 4.0 International License.

Recent Tweets

@nys0s
security and privacy, based in Vienna. @runtastic @usableprivacy

RT @ericlaw: Wife wrote a shopping list and entrusted my 5yo to deliver it to me. #infosecmetaphors https://t.co/gbMV3Qyh0V
RT @__apf__: Oh no, I almost missed Safer Internet Day. Here's some safety advice: 1. Use a password manager 2. Use a password… https://t.co/rz5SVMcj8g
RT @applied_privacy: Last month we did more than 2000 TiB of tor traffic and today we added two more tor exit relays: gurke + rucola https://t.co/LJj7tQER1z

Markus Donko-Huber's Blog

A blog on computer security and some random stuff.

Who On Earth Is ”Mr. Cypher“: Automated Friend Injection Attacks on Social Networking Sites

Preprint

http://friendinjection.nysos.net

Leave a Reply

Recent Tweets

Blogroll

Hacking

Kudos

Research