Show simple item record

dc.contributor.authorKurowski, Sebastian
dc.contributor.editorHühnlein, Detlef
dc.contributor.editorRoßnagel, Heiko
dc.date.accessioned2017-06-30T21:00:29Z
dc.date.available2017-06-30T21:00:29Z
dc.date.issued2014
dc.identifier.isbn978-3-88579-631-2
dc.identifier.issn1617-5468
dc.description.abstractThis paper aims at raising awareness on the issue of using unfixed vulnerabilities for targeted attacks in order to harness private or even corporate information. We demonstrate an attack by using a well-known, yet not fixed whatsapp vulnerability, enabling us to eavesdrop the cell-phone number of a victim. We identified the concrete states, in which whatsapp leaks the cell-phone number of a victim. By using a volunteering individual, we demonstrate the feasibility of profiling the individual and provide further steps on how to disclose private and corporate information by using the leaked cell-phone number and the profiled information to introduce the adversary into a trust relationship with the victim. Once the victim trusts the adversary, social phishing can be used to retrieve further private or even corporate information.en
dc.language.isoen
dc.publisherGesellschaft für Informatik e.V.
dc.relation.ispartofOpen Identity Summit 2014
dc.relation.ispartofseriesLecture Notes in Informatics (LNI) - Proceedings, Volume P-237
dc.titleUsing a whatsapp vulnerability for profiling individualsen
dc.typeText/Conference Paper
dc.pubPlaceBonn
mci.reference.pages140-146
mci.conference.locationStuttgart
mci.conference.date4.-6. November 2014


Files in this item

Thumbnail

Show simple item record