Pages

Friday 13 September 2013

Spy Service Exposes Nigerian ‘Yahoo Boys’



Earlier this week, I wrote about an online data theft service that got hacked. That compromise exposed a user base of mostly young Nigerian men apparently engaged in an array of cybercrime activities — from online dating scams to 419 schemes. It turned out that many of these guys signed up for the data theft service using the same email address they used to register their Facebook accounts. Today’s post looks at the social networks between and among these individuals.
Of the nearly 3,000 BestRecovery users, about 280 of them had Facebook accounts tied to their BestRecovery email addresses. George Mason University associate professorDamon McCoy and several of his grad students volunteered to scrape those profiles that were open and map their social networks to see if there were any obvious or discernible patterns in the data.

The raw data itself — which ranked the BestRecovery users on number of connections they had to other users — was potentially useful, but difficult to parse into meaningful chunks. Oddly enough, as I was poring over that data I heard from Chris Ahlberg, the CEO ofRecorded Future Inc., a Cambridge, Mass. software company that specializes in Web intelligence and predictive analytics. Ahlberg was writing to say that he enjoyed the blog — particularly the posts with data-intensive analyses — and that he’d be delighted to collaborate on a data-rich research project at some point. I told him his timing couldn’t have been more serendipitous.
Ahlberg and his team took the raw scraped data sets from the Facebook accounts and ran it through their cyber intelligence applications. In short order, they produced some very compelling and beautiful graphs, shown below.
Source: Krebsonsecurity.com

No comments:

Post a Comment