Presentation is loading. Please wait.

Presentation is loading. Please wait.

Social Networking hacks Austin Enfield. Overview Noted Hacks Session Hijacking Social Engineering Identity theft.

Similar presentations


Presentation on theme: "Social Networking hacks Austin Enfield. Overview Noted Hacks Session Hijacking Social Engineering Identity theft."— Presentation transcript:

1 Social Networking hacks Austin Enfield

2 Overview Noted Hacks Session Hijacking Social Engineering Identity theft

3 Noted Hacks Linkedin hack Myspace hacker Samy Worm

4 Hacked 6.4 million passwords stolen Uploaded to Russian language forum

5 Myspace Hack Myspace Hacker Phishing and XSS

6 The Samy Worm Samy Kamkar Over 1 million affected Shutdown Myspace October 4, 2005 Added friends automaticaly Added “but most of all, samy is my hero” to heros section

7 Samy Worm Grew Exponentially Shut down the site in <20 hours First web 2.0 worm Entered Plea agreement to the felony charge on January 31, 2007  Three years probation with no non work based computer use  90 days community service  undisclosed amount restitution payment

8 Session Hijacking Phishing XSS sidejacking DroidSheep Firesheep

9 FireSheep Firefox addon Oct 24, 2010 Free open source Gui based Sidejacker Forced facebook and twitter to require HTTP secure

10 Social Engineering Gain access to personal info by Posing as friend Use links in personal messages with redirects Identity theft

11 Social-Engineer Toolkit (SET) Attacks the human element Part of standard penetration tests Preforms phishing, man in the middle

12 Identity Theft 15 million victims a year Average of $3,500 in loss Stronger trend towards social engineering to gain information

13 Identity Theft Common information found  Full name (particularly your middle name)  Date of birth (often required)  Home town  Relationship status  School locations and graduation dates  Pet names  Other affiliations, interests and hobbies

14 Prevention Education Don’t post anything personal Verify sources before giving any info

15 Review Noted Hacks Session Hijacking Social Engineering Identity theft

16 Works Cited Butler, Eric. "FireSheep." Code Butler. N.p., Web. 3 Dec "Computer Based Social Engineering Tools: Social Engineer Toolkit (SET)." Social Engineering Framework. N.p., Web. 3 Dec Curry, Coleen. "6.4 Million Passwords Reportedly Stolen From LinkedIn Website." ABC News. ABC, Web. 3 Dec million-user-passwords-reportedly-leaked/story?id= dipman44,. " hack anyones myspace(WORKING!!)." N.p., Online Posting to All- nettools forums. Web. 3 Dec nettools.com/forum/showthread.php?5753-hack-anyones-myspace(WORKING!!) "How it Works." Myspace Hacker Pro. N.p.. Web. 3 Dec "Identity Theft Victim Statistics." IdentityTeft.info. N.p.. Web. 3 Dec

17 Works Cited cont.. "I'll never get caught. I'm Popular." namb. N.p., October Web. 3 Dec Lewis, Kent. "How Social Media Networks Facilitate Identity Theft and Fraud." Entrepreneurs' Organization. N.p.. Web. 3 Dec McMillan, Robert. "MySpace Hacker Tells His Story." PCWorld. N.p., Web. 3 Dec Roba,. "How to Hack Facebook: The Trick is Social Engineering." thought pick. N.p., Web. 3 Dec "Samy (computer worm)." Wikipedia. N.p., Web. 3 Dec "Session hijacking." Wikipedia. N.p., Web. 3 Dec


Download ppt "Social Networking hacks Austin Enfield. Overview Noted Hacks Session Hijacking Social Engineering Identity theft."

Similar presentations


Ads by Google