Social Media

Pakistani researchers discover Facebook security flaw that generated millions of fake likes

Turns out people may have been exploiting a Facebook flaw to generate millions of fake likes and comments.

Facebook posts that receive the most traction are the ones that get shared the most, that get ‘liked’ a lot, and that get commented on. It appears that a lot of Facebook likes that seemed legit may not have been obtained via honest means.

A team of researchers has found that at least 1 million fake and real accounts joined a “collusion network” to generate over 100 million fake likes and comments. The team that conducted the study includes Fareed Zaffar of LUMS, Shehroze Farooqi and Zubair Shafiq from The University of Iowa, and Nektarios Leontiadis from Facebook.

The team states that in its research they uncovered “a thriving ecosystem of large-scale reputation manipulation services on Facebook that leverage the principle of collusion. Collusion networks collect OAuth access tokens from colluding members and abuse them to provide fake likes or comments to their members.”

“Collusion networks” are hard to track because they contain accounts that form an alliance and they benefit each other by liking and commenting on each other’s posts. This makes the posts seem more popular than they actually are and helps them gain more traction completely ignoring the fact that the post may include fake information. These colluding accounts exploit any third party apps that are linked with Facebook and retrieve their OAuth access tokens. These token allow access to a user’s Facebook account which can then be used in the collusion network. Such accounts are hard to detect because they act smartly and mix real and fake activity.

Keeping a check on false activity is a huge problem for social media sites. Facebook and Twitter currently have tens of millions of fake accounts operating on its platform. Moreover, Facebook recently admitted that it sold over $100,000 worth of ads to fake Russian accounts that may have influenced the 2016 US Presidential election and a majority of fake news being promoted on Facebook is also said to have played a significant role in the election.

This team is the first to report large-scale OAuth access token abuse and has teamed up with Facebook in order to mitigate this problem.

The research was published last Wednesday and will be presented at the Association for Computing Machinery Internet Measurement Conference on November 1, 2017.

Sponsored
Maryam Dodhy

I love bringing to light stories of extraordinary people working in Pakistan's tech and startup industry. You can reach out to me through maryamdodhy@techjuice.pk.

Share
Published by
Maryam Dodhy

Recent Posts

Pakistan Inaugurates First Genetic Molecular Laboratory at JSMU

Pakistan’s first genetic molecular laboratory has been inaugurated with the cooperation of the Association of…

14 mins ago

NUST Appoints Lt Gen (R) Zahid Latif to Lead as Rector

ISLAMABAD: Dr. Muhammad Zahid Latif, a renowned Pakistani academic and a former lieutenant general of…

15 mins ago

WeTransfer Launches New Subscription Plans: Here’s What You Need to Know

WeTransfer, a file transferring service, announced that its free plan would now only allow 10…

40 mins ago

Meta denies claims regarding Palestinian news restriction

Meta has refuted accusations that it intentionally restricted Palestinian news coverage, explaining that balancing free…

2 hours ago

Pakistan’s Default Risk Drops 93% as CDS Spreads Hit Lowest Level in Years

Pakistan's sovereign default risk has significantly reduced by 93%, with 5-year CDS spreads dropping to…

2 hours ago

Pakistan’s Economic Outlook 2024: Key Insights from the PSER Report

The newly released Pakistan Startup Ecosystem Report (PSER) 2024 provides an in-depth analysis of the…

3 hours ago