Security Vulnerability Assessment on Threads Application through Digital Forensics Analysis

Abstract

The rapid emergence of new social media applications has introduced fresh vectors for cybercrime, highlighting the need for timely security vulnerability assessments. This paper presents a comprehensive security vulnerability assessment of Threads, a newly emerging social networking application, by examining its behaviour and data handling through a digital forensic analysis. The study followed a structured experiment which involved installing the the Universal Windows Platform (UWP) applications for Instagram and Threads on a Windows 11 device, conducting typical user activities between two test accounts, acquiring forensic disk images and memory dumps, capturing network traffic, followed by a digital forensic analysis of the discovered artifacts. The primary motivation behind this analysis is to uncover potential security vulnerabilities of the application through a forensic examination of data remnants left by the application. Data acquisition and analysis were carried out using tools such as FTK Imager, Autopsy, Belkasoft Evidence Center, Volatility 3 and Wireshark. The study revealed a range of security and privacy concerns related to the application’s data storage, memory usage, and network utilization. For instance, user-generated content and application metadata were found in application files without adequate encryption and sensitive user credentials were discovered, in plaintext. Additionally, insecure handling of backend communications and permissive CORS configurations were observed, introducing risks such as session hijacking and Cross-Site Scripting (XSS) vulnerabilities. Findings of this research underscore the need for improved security mechanisms in modern social media applications. This study provides valuable insights for developers, cybersecurity professionals, and digital forensic investigators to strengthen the security posture of current social networking applications.