Dubbed Social Mapper, the facial recognition tool automatically searches for targets across eight social media platforms, including—Facebook, Instagram, Twitter, LinkedIn, Google+, the Russian social networking site VKontakte, and China's Weibo and Douban—based on their names and pictures.
The tool's creators claim they developed Social Mapper intelligence-gathering tool predominantly to help pen testers and red teamers with social engineering attacks.
Although the searches of names and pictures can already be performed manually, Social Mapper makes it possible to automate such scans far faster and "on a mass scale with hundreds or thousands of individuals" at once.
“Performing intelligence gathering online is a time-consuming process, it typically starts by attempting to find a person's online presence on a variety of social media sites," Trustwave explained in a blog post detailing the tool.
How Social Mapper Open Source Intelligence Tool Works
But, "What if it could be automated and done on a mass scale with hundreds or thousands of individuals?"
Social Mapper works by running through three stages:
Stage 1—The tool creates a list of targets (consisting of a name and a picture) based on the input you give it. The list can be provided via links in a CSV file, images in a folder or via people registered to a company on LinkedIn.
Stage 2—Once the targets are processed, the second stage of Social Mapper kicks in that automatically starts searching social media sites for the targets online.
The researchers suggest running the tool overnight with a good internet connection as the search could take over 15 hours for lists of 1,000 people and use a significant amount of bandwidth.
Stage 3—After searching, the third stage of the Social Mapper starts generating reports such as a spreadsheet with links to the profile pages of the target list, or a more visual HTML report that also includes photos for quickly checking and verifying the results.
What Could Possibly Go Wrong?
While this end result is perfect for facilitating highly sophisticated phishing campaigns or intelligence gathering, Trustwave says it will help security professionals and ethical hackers by giving them the same tools as the bad guys to test their clients’ security.
However, since the tool is now available in open-source, anyone including bad actors or intelligence agencies can reuse facial recognition tech to build their own surveillance tools to search against already collected trove of data.
The company further proceeded to outline some nefarious-sounding uses of Social Mapper, which are limited "only by your imagination," once you have the end result in your hand, suggesting that it can be used to:
Create fake social media profiles to "Friend" targets and then send them links to downloadable malware or credential capturing landing web pages.
Trick targets into disclosing their emails and phone numbers with vouchers and offers to pivot into "phishing, vishing or smishing."
Create custom phishing campaigns for each social media platform, making sure that the target has an account, and make these more realistic by including their profile picture in the email. Then capture the passwords for password reuse.
View target's photos looking for employee access card badges and familiarise yourself with building interiors.
Well, that sounds horrible, but Trustwave researchers emphasized the use of Social Mapper for ethical hacking.
Trustwave has made Social Mapper available on GitHub and making it available to everyone for free.
Trustwave's Jacob Wilkin is going to present Social Mapper at the Black Hat USA conference this week, where IBM Research is detailing its highly evasive and highly targeted AI-powered malware called DeepLocker.