A group of researchers recently demonstrated it is possible to steal personal information from Facebook by using “socialbots”, a type of computer programs that can mimic real Facebook profiles.
The research team invaded Facebook with 102 socialbots and over a period of eight weeks they made a total of 3055 friends, which then gave them access to a staggering total of 1,085,785 profiles, before allowing them to gather 250GB of personal data.
The experiment has served to expose how vulnerable social media sites can be to the attacks of internet criminals, who are even offering socialbots for sale online for as little as $29 (£18).
Usually companies would consider using some form of security assessment software, however in this instance, that kind of testing would not necessarily pick up the nuances of the security issues.
Facebook has been in the market for some years now, yet no one has every spotted this flaw. This is exactly the kind of challenge that testers relish!
One researcher, Yazan Boshmaf, has stated that his goal was not to expose Facebook Immune System’s vulnerabilities, but to help the social media giant and the online community to build systems that are more secure and less vulnerable to both human exploits and technical exploits.
The researchers have assured Facebook that all retrieved data was encrypted and deleted once the data analysis was complete.