SocialPath–Open Source OSINT Tool to Track Username Reuse

SocialPath is an open-source intelligence tool designed to track usernames across social media.

SocialPath is a django application for gathering social media intelligence on specific username. It checks for Twitter, Instagram, Facebook, Reddit and Stackoverflow. Collected data is sorted according words frequency, hashtags, timeline, mentions, similar accounts and presented as charts with the help of D3js. This technique allows me to track darknet users who does not use unique nicknames.

This sounds kind of crazy, right? I mean, if you were engaged in illegal activity or wanted to remain anonymous, using the same or similar usernames on various social media platforms would seem to be an obvious no-no.

And yet, sometimes these folks aren’t the brightest, or they need to use similar usernames to signal to potential collaborators that the Twitter and Reddit profile are reputationally identical.

On the defensive side, if you absolutely must use social media, it is probably best to start generating random usernames to avoid automated attacks like this.

As the SocialPath creator puts it,

From obvious reason I won’t publish results of my research but you can repeat it by yourself. When engaging in illegal activity on darknet, one should remember to treat their username as already compromised and should not share it across different services or even mention about it anywhere. Reality is often different and criminals get caught very often because of that mistake. SocialPath shows that it’s not hard to create this kind of app by anyone hence LE has more powerful tools, real time monitoring and bigger database including dumps from previous seized markets.

Leave a Reply