91av

Hackers act differently if accessing male or female Facebook profiles

Cybercriminals seem to behave differently depending on the age and gender of the owner of the Facebook accounts they hack into
Facebook logos
Facebook logins can be traded by hackers
Shutterstock/TY Lim

Cybercriminals seem to behave differently depending on the age and gender listed on the Facebook accounts they hack into, although questions have been raised about the ethics of the study that has revealed this.

Jeremiah Onaolapo at the University of Vermont and his colleagues, including some at Facebook, created 1008 realistic Facebook accounts, populating them with fake information, photos and posts. They then leaked the login details for 672 of these accounts on websites used by hackers to trade compromised credentials, including Pastebin, Paste.org.ru, and the dark web site Stronghold.

The other accounts were kept secure, but were used to populate the friendship groups of the leaked accounts. The team then monitored the leaked accounts for six months to see who accessed them, and what they did.

“I wanted to see if we could shine some light on the dark corners of the web,” says Onaolapo. In all, 46 per cent of the leaked accounts were accessed a combined total of 322 times, but what happened next depended on the apparent demographics of the fake account.

The team found that cybercriminals messaged the friends of younger profiles more often than those of older profiles. Male accounts were often vandalised, but female accounts never were.

Half of the hackers, as tracked by their internet protocol (IP) address, a unique identifier, accessed only one account, but one user broke into 93 accounts. The IP addresses came from 53 different countries, but some of these may not reflect the hackers’ real locations. .

Cybercriminals appearing to change their behaviour based on the type of account they access suggests a sophisticated approach, says Alan Woodward at the University of Surrey, UK. “It shows the days of scatter gun approaches have gone and we’re very definitely into more targeted attacks,” he says. “Criminals are getting ‘smarter’ looking for a greater return on their investment.”

However, Woodward raises questions about the experiment. For instance, the fake profile pictures were licensed from stock image websites that give permission from the creators for the pictures to be used for any purpose – but the team didn’t also secure permission from the people in the photos. “If I were the subject of a stock photo, I’m not sure I’d want it used like this,” he says.

Likewise, the researchers populated the fake accounts with text taken from Twitter hashtags around sports, news and music, with any personal identifying information removed, but didn’t ask the Twitter users for their permission.

Onaolapo says both are valid concerns. He says the team used only pictures with a licence specifically allowing the picture to be used for any purpose. “In a similar vein, the tweets are public and I sanitised the tweets,” he says, pointing out that unlike Facebook posts, most Twitter posts are publicly available by default. “There’s always a fine line to balance. The end goal is to shed light on criminal activity. I believe at the end of the day, that’s a good thing.”

Topics: Facebook / Hacking