Courtney Falk, "The Pod People Campaign: Driving User Traffic via Social Networks"
CERIAS Weekly Security Seminar - Purdue University
English - October 14, 2020 20:30 - 687 MB Video - ★★★★ - 6 ratingsTechnology Education Courses infosec security video seminar cerias purdue information sfs research education Homepage Download Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed
Previous Episode: Michael Clark, "From Machine Learning Threats to Machine Learning Protection Requirements"
Next Episode: Jeff Man, "Why Attack When You Can Defend"
Users of social networks are having their accounts subverted.
Threat actors are gaining unauthorized access to large numbers of
accounts and inserting links to suspicious websites. Shared
command-and-control infrastructure is used across 70+ different
social networks, suggesting a coordinated campaign to drive user
traffic. The actors behind this campaign, and the end goal for
driving user traffic, remains uncertain. The campaign remains
active with changing indicators. The fact that this campaign spans
so many different social networks makes determining the scope of
the overall problem difficult. Using Goodreads as an example, we
detail how the attack is constructed.