Content area
Full text
Abstract: The rapid emergence of new social media applications has introduced fresh vectors for cybercrime, highlighting the need for timely security vulnerability assessments. This paper presents a comprehensive security vulnerability assessment of Threads, a newly emerging social networking application, by examining its behaviour and data handling through a digital forensic analysis. The study followed a structured experiment which involved installing the the Universal Windows Platform (UWP) applications for Instagram and Threads on a Windows 11 device, conducting typical user activities between two test accounts, acquiring forensic disk images and memory dumps, capturing network traffic, followed by a digital forensic analysis of the discovered artifacts. The primary motivation behind this analysis is to uncover potential security vulnerabilities of the application through a forensic examination of data remnants left by the application. Data acquisition and analysis were carried out using tools such as FTK Imager, Autopsy, Belkasoft Evidence Center, Volatility 3 and Wireshark. The study revealed a range of security and privacy concerns related to the application's data storage, memory usage, and network utilization. For instance, user-generated content and application metadata were found in application files without adequate encryption and sensitive user credentials were discovered, in plaintext. Additionally, insecure handling of backend communications and permissive CORS configurations were observed, introducing risks such as session hijacking and Cross-Site Scripting (XSS) vulnerabilities. Findings of this research underscore the need for improved security mechanisms in modern social media applications. This study provides valuable insights for developers, cybersecurity professionals, and digital forensic investigators to strengthen the security posture of current social networking applications.
Keywords: Social network application security and privacy, Security vulnerability assessment, Social media forensics, Digital Forensics, Threads application
1. Introduction
The increase in the use of social media as a tool of communication has rapidly changed the way people interact and exchange information. A prime example of a new development is Threads, a Meta-owned text-only social networking application (Meta, 2023). Threads application is directly linked with Instagram application, which allows sharing username and profile picture. Users can share text or any multimedia files including images and videos, while messaging is supported only through Instagram. Koetsier (2023) states that Threads became the fastest-growing social media platform in 2023, reaching 100 million users in just 5 days, but its growth...