[ISN] 'Robin Sage' Profile Duped Military Intelligence, IT Security Pros

From: InfoSec News <alerts_at_private>
Date: Wed, 7 Jul 2010 03:45:40 -0500 (CDT)
http://www.darkreading.com/insiderthreat/security/privacy/showArticle.jhtml?articleID=225702468

By Kelly Jackson Higgins
DarkReading
July 06, 2010 

Seasoned red team hacker Chris Nickerson initially accepted Robin Sage's 
LinkedIn invitation because several of his colleagues had, but after 
making a few inquiries he realized something was fishy about "Robin," a 
twenty-something woman who purportedly worked for the Naval Network 
Warfare Command. "Within an hour, I started asking around, 'Hey did you 
get a friend request from Robin Sage?' ... and [friends] were saying, 'I 
thought you knew her.' I knew something weird was going on," Nickerson 
says.

So Nickerson started hammering away at Robin on Twitter, and quickly 
figured out it was a fellow red team hacker behind the phony persona. 
But not everyone caught on as quickly to the phony profile as Nickerson: 
Robin actually duped an Army Ranger into friending her. The Ranger then 
inadvertently exposed information about his coordinates in Afghanistan 
to Robin with his uploaded photos from the field that contained GeoIP 
data from the camera.

"You could see them talking about where they were going and where they 
were in Afghanistan and Iraq ... some were uploading pictures with 
geolocation information, and we were able to see them," says Thomas 
Ryan, the mastermind behind the social network experiment and co-founder 
and managing partner of cyber operations and threat intelligence for 
Provide Security, who will present the findings later this month at 
Black Hat USA in his "Getting In Bed With Robin Sage" talk.

Ryan says Robin's Facebook profile was able to view coordinates 
information on where the troops were located. "If she was a terrorist, 
you would know where different [troops'] locations were," Ryan says. 

[...]

