Presentation is loading. Please wait.

Presentation is loading. Please wait.

Social Networking hacks Austin Enfield. Overview Noted Hacks Session Hijacking Social Engineering Identity theft.

Similar presentations


Presentation on theme: "Social Networking hacks Austin Enfield. Overview Noted Hacks Session Hijacking Social Engineering Identity theft."— Presentation transcript:

1 Social Networking hacks Austin Enfield

2 Overview Noted Hacks Session Hijacking Social Engineering Identity theft

3 Noted Hacks Linkedin hack Myspace hacker Samy Worm

4 Hacked 6.4 million passwords stolen Uploaded to Russian language forum http://www.wordtracker.com/attachments/LinkedIn-Logo.png

5 Myspace Hack Myspace Hacker Phishing and XSS http://www.countryvillageresort.com/httpdocs/assets/images/myspace-logo.png

6 The Samy Worm Samy Kamkar Over 1 million affected Shutdown Myspace October 4, 2005 Added friends automaticaly Added “but most of all, samy is my hero” to heros section http://richardvelazquez.files.wordpress.com/2010/10/myspace-primary_logo-blue_clean.jpg

7 Samy Worm Grew Exponentially Shut down the site in <20 hours First web 2.0 worm Entered Plea agreement to the felony charge on January 31, 2007  Three years probation with no non work based computer use  90 days community service  undisclosed amount restitution payment

8 Session Hijacking Phishing XSS sidejacking DroidSheep Firesheep

9 FireSheep Firefox addon Oct 24, 2010 Free open source Gui based Sidejacker Forced facebook and twitter to require HTTP secure http://www.mozilla.org/en-US/press/image-library/firefox-wordmark-vertical.png

10 Social Engineering Gain access to personal info by Posing as friend Use links in personal messages with redirects Identity theft

11 Social-Engineer Toolkit (SET) Attacks the human element Part of standard penetration tests Preforms phishing, man in the middle

12 Identity Theft 15 million victims a year Average of $3,500 in loss Stronger trend towards social engineering to gain information

13 Identity Theft Common information found  Full name (particularly your middle name)  Date of birth (often required)  Home town  Relationship status  School locations and graduation dates  Pet names  Other affiliations, interests and hobbies

14 Prevention Education Don’t post anything personal Verify sources before giving any info

15 Review Noted Hacks Session Hijacking Social Engineering Identity theft

16 Works Cited Butler, Eric. "FireSheep." Code Butler. N.p., 24 2010. Web. 3 Dec 2012... "Computer Based Social Engineering Tools: Social Engineer Toolkit (SET)." Social Engineering Framework. N.p., 13 2010. Web. 3 Dec 2012.. Curry, Coleen. "6.4 Million Passwords Reportedly Stolen From LinkedIn Website." ABC News. ABC, 06 2012. Web. 3 Dec 2012. http://abcnews.go.com/US/linkedin-hacked- 64-million-user-passwords-reportedly-leaked/story?id=16508728 dipman44,. " hack anyones myspace(WORKING!!)." 2007. N.p., Online Posting to All- nettools forums. Web. 3 Dec. 2012. http://www.all- nettools.com/forum/showthread.php?5753-hack-anyones-myspace(WORKING!!) "How it Works." Myspace Hacker Pro. N.p.. Web. 3 Dec 2012. http://myspacehackerpro.com/p/how-it-works/. "Identity Theft Victim Statistics." IdentityTeft.info. N.p.. Web. 3 Dec 2012. { "@context": "http://schema.org", "@type": "ImageObject", "contentUrl": "http://images.slideplayer.com/13/4043703/slides/slide_16.jpg", "name": "Works Cited Butler, Eric. FireSheep. Code Butler.", "description": "N.p., 24 2010. Web. 3 Dec 2012... Computer Based Social Engineering Tools: Social Engineer Toolkit (SET). Social Engineering Framework. N.p., 13 2010. Web. 3 Dec 2012.. Curry, Coleen. 6.4 Million Passwords Reportedly Stolen From LinkedIn Website. ABC News. ABC, 06 2012. Web. 3 Dec 2012. http://abcnews.go.com/US/linkedin-hacked- 64-million-user-passwords-reportedly-leaked/story?id=16508728 dipman44,. hack anyones myspace(WORKING!!). 2007. N.p., Online Posting to All- nettools forums. Web. 3 Dec. 2012. http://www.all- nettools.com/forum/showthread.php?5753-hack-anyones-myspace(WORKING!!) How it Works. Myspace Hacker Pro. N.p.. Web. 3 Dec 2012. http://myspacehackerpro.com/p/how-it-works/. Identity Theft Victim Statistics. IdentityTeft.info. N.p.. Web. 3 Dec 2012.

17 Works Cited cont.. "I'll never get caught. I'm Popular." namb. N.p., October 2005. Web. 3 Dec 2012.. Lewis, Kent. "How Social Media Networks Facilitate Identity Theft and Fraud." Entrepreneurs' Organization. N.p.. Web. 3 Dec 2012.. McMillan, Robert. "MySpace Hacker Tells His Story." PCWorld. N.p., 20 2007. Web. 3 Dec 2012. Roba,. "How to Hack Facebook: The Trick is Social Engineering." thought pick. N.p., 09 2009. Web. 3 Dec 2012... "Samy (computer worm)." Wikipedia. N.p., 27 2012. Web. 3 Dec 2012... "Session hijacking." Wikipedia. N.p., 09 2012. Web. 3 Dec 2012..


Download ppt "Social Networking hacks Austin Enfield. Overview Noted Hacks Session Hijacking Social Engineering Identity theft."

Similar presentations


Ads by Google