Ad-Laundering: Bribes & Backdoors

ShmooCon XV - 2019

Presented by: John Amirrezvani
Date: Friday January 18, 2019
Time: 16:00 - 16:20
Location: Main Room
Track: One Track Mind

Ad-Laundering is a new tactic for exploiting social media platforms to spread fake news and fraud via legitimate users. As Facebook and other social media platforms have faced pressure to stem the flow of fake news, they have begun to make it more difficult for fake accounts to buy ads on their platform. As a result malicious groups have pivoted from creating fake accounts to bribing people with real profiles into enabling their dirty deeds. While the overall strategy of targeted manipulation via ads is well known, ad­laundering is creating new headaches for social media platforms looking to balance income and integrity.

In this presentation we will cover how I stumbled across this technique, identified various similar campaigns, and an analysis of their approach for enabling access to target accounts. Additionally any IOCs will be made available.

John Amirrezvani

John Amirrezvani (@trojawn) is a security researcher with Novetta and alumni of Whitehatters Computer Security Club at USF. He has taught workshops at BSidesLV and BSidesNoVA.


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats