Social Networking

Control of friends and followers on Twitter (API 1.1 update)

More than 2 years ago (that's a lot of time!) I published a simple Python script to monitor a Twitter account using Tweepy: basic account information, inactive friends and new/lost followers. But this script stopped working some time ago because Twitter updated its API to version 1.1. This update made obligatory using authentication to make any request and they also modified the request limits. Before the update, there was a limit of 150/350 requests per hour, depending on whether the request was authenticated or not, but now these limits are per request type and per 15 minutes. For example, to get a list of friends you can make a maximum of 15 requests per quarter of hour, but you can make other 15 to get a list of followers. If someone is late (like me) with the new API here you can find the full changelog.

Before starting to modify the code I had to update the Tweepy version too (2.1). The best and easiest way is using pip:

$ pip install tweepy


Control of friends and followers on Twitter

I'm going to lay aside PDF files and malware to write a simple script to control friends and followers on Twitter. We use to have a lot of them and it's difficult to know if our friends haven't written some time ago or our followers have left. But we can use one of the multiple modules (talking about Python) to communicate with the Twitter API and solve this task. I've chosen Tweepy because I think it's very simple and well documented. What we want to obtain from Twitter is:

It's important to highlight that we cannot obtain all the friends/followers with one API request  but  only 100 each time. We can use the Cursors object from Tweepy to solve this very easily:

followersCursor = tweepy.Cursor(tweepy.api.followers,id=user)
for follower in followersCursor.items():

ZeuS spreading via Facebook

ZeuS is still the talk of the town. It's downloaded through fake antivirus, downloaders and several exploit kits. Of course, the best-known social networking site couldn't be out of this. Last week we could see some Facebook messages like the following:

The link in the message would take the users to a Facebook phishing page where they were requested to authenticate. Simultaneously, obfuscated Javascript code was being executed, creating a hidden iframe in the page body:

This iframe redirected the user to another web page with two more iframes:

<iframe g1g="321" src="xd/pdf.pdf" l="56" height="31" width="13">
<iframe g1g="321" src="xd/sNode.php" l="56" height="31" width="13">

After advancing further, we arrived to a directory listing in the same server:

Syndicate content