A tool to locate and track SNS accounts in a face recognition system from a single photo will be developed

by moggs oceanlane

Trustwave of security company announced that it developed " Social Mapper " to track account of social media network. Social Mapper is an open source tool that identifies accounts by searching for photos uploaded online using the face recognition function from the input face picture.

Mapping Social Media with Facial Recognition: A New Tool for Penetration Testers and Red Teamers
https://www.trustwave.com/Resources/SpiderLabs-Blog/Mapping-Social-Media-with-Facial-Recognition-A-New-Tool-for-Penetration-Testers-and-Red-Teamers/

Social Mapper will analyze the person to be searched by entering a face picture or LinkedIn 's profile that you have prepared in advance.

When the analysis of the search target is completed, Social Mapper searches the same image from the Internet using face recognition. Social Mapper does not use the API, it is a system that automatically carries out the process "Continue browser search while looking at photos". Of course, compared to scanning with tools that use the API, the search process of Social Mapper takes quite a while. Trustwave says, "Online information gathering is a time-consuming process, searching 1,000 subject lists using Social Mapper can take around 15 hours or more." Supported social network platforms are LinkedIn, Facebook, Twitter, Google+, Instagram, Vkontakte, Weibo, Douban.

Social Mapper contacts accounts in various ways such as those used in phishing scams. For example, Social Mapper creates a bogus profile to become a friend with a target and sends a link with a message that gives the viewing qualification of the profile to the fake account. According to Trustwave, when sending a link with the social media message function, the click rate will be more than doubled compared to sending by e-mail.

The final result of the search is output in the form of a spreadsheet that summarizes the name of the searcher and the account of SNS. For example, the image below shows that you have identified your Facebook account from search results.

Software that monitors social media exists other than Social Mapper. For example, software called " Geofeedia " can extract messages and pictures with location information from SNS and monitor it, it became clear that US law enforcement agencies are using it to monitor activists It became a problem.

Trustwave claims to have developed Social Mapper for the purpose of " ethical hacking " to clarify vulnerability to phishing scams and call attention. The code of Social Mapper is open source, and anyone can freely obtain it at GitHub .