'Cree.py' Social Engineering Tool Pinpoints A Person's Physical Location ...

1 of 3

http://www.darkreading.com/advanced-threats/167901091/security/vulne...

Welcome Guest. | Log In | Register | Membership Benefits

ATTAC KS / BR EAC HES

VULNER ABILITIES

SEC URITY MAN AGEMEN T

STORAGE SECU RITY

APPLICATION SECU RITY

ENCRYPTIO N

N AC

CLIEN T SEC UR ITY

ANTIVIR US

PRIVACY

PERIMETER SECU RITY

BLO GS

SLIDESHO W S

Tech Center: Advanced Threats

E-mail this page |

Print this page |

'Cree.py' Social Engineering

Tool Pinpoints A Person's
Physical Location
Free tool automates process of pulling geolocation,
other information on 'targets'

Advanced Threats Reports

Malware War: How Malicious Code Authors Battle to Evade
Detection
The stakes have never been higher in the fight for control of corporate and
consumer devices between malicious code and the antimalware software
designed to detect and stop it. It's a war of one-upsmanship, as security labs
work 'round the clock to analyze malicious code and the bad guys design new,
ingenious ways to frustrate analysts and automated tools. This Tech Center report covers
the key methods malware writers use to thwart analysis and evade detection.

Related Content

Mar 29, 2011 | 07:42 PM | 0 Comments

Hackers Find New Means of Disguise

By Kelly Jackson Higgins
Darkreading

A savvy and determined social engineer can gather and manually correlate
the geolocation tags of his or her target's social network or other online
posts. But a new, free tool automates that process of creeping around
and finding the physical location of a targeted person. "Cree.py" makes it
easier for social engineers to track the physical whereabouts of their
targets -- it grabs geolocations from Twitter and Foursquare, as well as
Twitpic, Flickr, and others.
Yiannis Kakavas, an independent researcher at the Royal Institute of
Technology in Stockholm, Sweden, says he built the tool -- currently in
beta -- to raise awareness of how easy it is for the physical location you
share online to be abused. "By making the process of retrieving and
analyzing all the shared location-specific information that users share easy
and automated, I hoped to make clear how easy it is for someone to stalk
you, rob you, find out where you've been, and why," Kakavas says. "The
second goal was to create a tool to add in one's social engineering
toolbox that would facilitate information gathering for geolocation
information."

Advanced Evasion Techniques (AETs) are the latest method hackers are using to
foil security solutions. AETs combine new methods of disguise to circumvent
network security solutions. This white paper reveals proactive tips for securing your
network and staying one step ahead of hackers.

New Methods for Bypassing Intrusion Prevention Technologies

Discover the latest set of evasion techniques that intrusion detection and prevention
systems (IPS) can miss. Prepare your defenses by downloading this whitepaper.

Accuracy vs. Speed: Is It Really a Choice?

This brief will explore why a software-based approach to IPS technologies will
deliver the fast, dynamic and flexible solutions that the modern threat landscape
necessitates, often at a fiscal advantage.

Advanced Threats Newsfeed

IronKey: U.K Organisations Fearful Of Organized Cybercrime
Symantec Announces April 2011 MessageLabs Intelligence Report

The privacy and security risk with all of the geolocation tagging in today's
social networking applications has been disconcerting to security experts
and privacy advocates. Users today can include their physical locations
when they tweet, post pictures from Flickr, or check in on Foursquare.
Kakavas says the information Cree.py gathers can be used for
reconnaissance on a target, such as where he lives, when he's at home,
or when he's traveling and to where. "It can also be used to create
behavioral models of the target regarding the places he/she frequents -coffee shops, gym, favorite restaurants, etc. -- [and] traveling patterns,
among others. These behavioral patterns can be very useful in social
engineering when it comes to pretexting. It can be used to create trust
relationships with the target based on supposedly common interests or
experiences," he says.
From there, an attacker can take it to another level, impersonating the
target, for example, to social-engineer another user into handing over a
password or other sensitive information, he says.
"Cree.py is just that -- CREEPY, but what a great tool to gather
information and building profiles on targets," blogged the social
engineering professionals at social-engineer.org, which provided screen
shots of how it works. "It also should be a very rude awakening to how
much information we release."

Michigan Woman Pleads Guilty To Selling More Than $400,000 In Counterfeit Business
Software
F5 Security Solutions Help Deliver DNS Security For Newly Signed .com Domain
Better Business Bureau Warns Of First Phishing Attacks In Wake Of Epsilon Breach
Banking Department Warns Consumers about Email 'Phishing' Scams After Security
Breaches At Epsilon And RSA
MORE NEWSFEED >>>

Advanced Threats

Security

Authentication

Monitoring

Cloud Security
Database Security

Security Services
SMB Security
Vulnerability
Management

It works like this for Twitter: The social engineer feeds Cree.py the
target's Twitter handle, for example, and it takes it from there, pulling

5/2/2011 5:13 PM

'Cree.py' Social Engineering Tool Pinpoints A Person's Physical Location ...

2 of 3

http://www.darkreading.com/advanced-threats/167901091/security/vulne...

together geolocation information and links to photos on img.ly, yfrog,

twitpic, analyzing the photos' metadata for GPS information. "It presents
all the retrieved information in an easy-to-view manner [with] locations in
an embedded map, which you can also export for further analysis,"
Kakavas says. It also links to Foursquare check-ins to get geolocation
information.
It can take anywhere from two to 15 minutes for Cree.py to determine the
target's physical location, and much of that is the recon part. "It depends
on the number of the user's tweets and how many of them actually contain
some geolocation information," he says. "The most time-consuming
process is actually the retrieval of the user's tweets, photos from image
hosting services, and not the analysis for geolocation information."
Cree.py can be downloaded from the Cree.py website.
Have a comment on this story? Please click "Add Your Comment" below.
If you'd like to contact Dark Reading's editors directly, send us a
message.

Care to Comment?
Subject (max length: 75):

Comment:

Captcha:

Type the characters you see in the picture above.

Subscribe to RSS

Write To Editor
Reprint This Article
Download Top Reports

Enabling People and Organizations to Harness the Transformative Power of Technology

5/2/2011 5:13 PM

'Cree.py' Social Engineering Tool Pinpoints A Person's Physical Location ...

3 of 3

http://www.darkreading.com/advanced-threats/167901091/security/vulne...

CIOs & IT Professionals

Software Developers

Vertical Markets

Black Hat
BYTE
Cloud Connect
Dark Reading
Enterprise 2.0
Enterprise Connect
Enterprise Efficiency
HDI
InformationWeek
InformationWeek 500
InformationWeek 500 Conference
InformationWeek Analytics
InformationWeek Events
InformationWeek Global CIO
InformationWeek Healthcare
InformationWeek India
InformationWeek SMB
Interop
Network Computing
No Jitter
Plug into the Cloud
TechWeb.com
The BrainYard

Dr. Dobbs
Dr. Dobbs M-Dev
Dr. Dobbs Digest
Dr. Dobb's Update
TechWeb.com

Advanced Trading
Bank Systems & Technology
CreateYourNextCustomer
InformationWeek Government
InformationWeek Healthcare
Insurance & Technology
Light Reading / Telecom
The CMO Site
Wall Street & Technology

Web & Digital Professionals

Internet Evolution
Web 2.0 Expo
Web 2.0 Summit
TechWeb.com

Global Communications
Service Providers

Game Industry Professionals

Government Officials
GTEC Ottawa
InformationWeek Government
TechWeb.com

Gamasutra.com
Game Developers Conference (GDC)
Independent Games Festival
Game Developer Magazine
GDC Europe
GDC China
Game Career Guide
Game Advertising Online

Heavy Reading
Heavy Reading Insiders
Pyramid Research
Light Reading
Light Reading Mobile
Light Reading Cable
Light Reading Europe
Light Reading Asia
Ethernet Expo
TelcoTV
Tower Summit
Light Reading Live & Virtual Events
Webinars

Most Popular
Cable Catchup
Cloud Connect Blog
Digital Life
Evil Bytes
InformationWeek Analytics
Interop Blog
Monkey Bidness
Over the Air
Personal Tech
The Philter
Valley Wonk

UBM TechWeb Reader Services

About UBM TechWeb
Reprints

Advertising Contacts

Technology Marketing Solutions

TechWeb Digital Library / White Papers

TechWeb Events Calendar

Contact Us

Feedback

TechWeb.com

Terms of Service | Privacy Statement | Copyright 2011 UBM TechWeb, All rights reserved.

Dark Reading Home

Attacks / breaches

Vulnerabilities
Encryption

Application Security
Client Security
NAC
Antivirus
Privacy
Blogs

Video
Webcasts
Newsletters
Sales and marketing contacts

Live events
TechWeb Digital Library
Send us a tip or comments
Site map

Perimeter Security
Security discussions

Security Management

Storage Security

Registration/membership
About us
Technology Marketing Solutions

5/2/2011 5:13 PM