MAC-address OSINT

I propose to study the sources intended for the study of the MAC address. MAC or Media Access Control is a unique combination of numbers and letters 48 characters long. In fact, this is the hardware number of the equipment (computer, server, router, switch port), which is assigned to the network card of the device at the time of its production. This address is hardwired, although in the latest versions of smartphones it can be randomized to avoid surveillance.

To begin with, I will give several sources that allow you to get general information about the manufacturer and device by its MAC address. I really liked the https://macaddress.io/ service, but there are others https://www.macvendorlookup.com/, http://samy.pl/mapxss/, https://2ip.ua/ru/services /information-service/mac-find or https://www.networkcenter.info/inform/mac. All of them are quite informative.

Now about geolocation. If our MAC address belongs, for example, to a router, then it has an exact geographical reference. Google and Yandex took care of this in advance. Let’s use https://alexell.ru/network/mac-geo/, https://xinit.ru/wifi/ or the excellent service https://wigle.net/ to find the location of the device.

If our device is not a router, but, say, a smartphone or a laptop, then the task becomes more complicated. Such gadgets also have their own MAC address. But, firstly, it is not tied to the area. And, secondly, it can change over time. This is where the ADINT technique comes to the rescue, which allows us to establish a link between the MAC address and the user’s unique advertising identifier. We can use most advertising systems within ADINT, such as https://audience.yandex.ru/, https://ads.google.com/ or https://target.my.com/.

ADINT (from English advertising intelligence) — intelligence based on advertising. The concept of ADINT was introduced at the end of 2017 by researchers at the University of Washington https://adint.cs.washington.edu/. In a practical experiment, the researchers proved the possibility of using a targeted advertising campaign for physical and digital surveillance of objects that use smartphone applications with embedded advertising.

I conducted ADINT using the Yandex.Audience service. During the analysis, two files were uploaded to the service. The first file, “CONTROL GROUP,” contained a list of 100 random MAC addresses. The second file “EXPERIMENTAL GROUP” contained the same list of MAC addresses as in the file “CONTROL GROUP”, but with the addition of the MAC address under study. Further conclusions were made on the basis of studying the difference in the results of processing both files.

ADINT showed that: the MAC address being searched has one unique advertising identifier in the ecosystem of Yandex services. This advertising identifier, and therefore the MAC address you are looking for, is probably used in the city of Moscow, from a personal computer. The alleged owner may be a man in the age group of 35 to 45 years.

A targeted advertising campaign was launched in the Yandex.Direct service to determine the location of the owner of the MAC address. In Moscow, geographic zones were identified, in which geotargeted advertising was launched according to the identified advertising identifier. The launch of the target showed that users included in the “EXPERIMENTAL GROUP” list received advertising messages 17 times within 6 days in a given geographical area.

… join my Medium Blog https://medium.com/@ibederov_en, Facebook https://www.facebook.com/ibederov.en/ or Telegram https://t.me/ibederov_en!