Pakistani researchers discover Facebook security flaw that generated millions of fake likes

Turns out people may have been exploiting a Facebook flaw to generate millions of fake likes and comments.

Facebook posts that receive the most traction are the ones that get shared the most, that get ‘liked’ a lot, and that get commented on. It appears that a lot of Facebook likes that seemed legit may not have been obtained via honest means.

A team of researchers has found that at least 1 million fake and real accounts joined a “collusion network” to generate over 100 million fake likes and comments. The team that conducted the study includes Fareed Zaffar of LUMS, Shehroze Farooqi and Zubair Shafiq from The University of Iowa, and Nektarios Leontiadis from Facebook.

The team states that in its research they uncovered “a thriving ecosystem of large-scale reputation manipulation services on Facebook that leverage the principle of collusion. Collusion networks collect OAuth access tokens from colluding members and abuse them to provide fake likes or comments to their members.”

“Collusion networks” are hard to track because they contain accounts that form an alliance and they benefit each other by liking and commenting on each other’s posts. This makes the posts seem more popular than they actually are and helps them gain more traction completely ignoring the fact that the post may include fake information. These colluding accounts exploit any third party apps that are linked with Facebook and retrieve their OAuth access tokens. These token allow access to a user’s Facebook account which can then be used in the collusion network. Such accounts are hard to detect because they act smartly and mix real and fake activity.

Keeping a check on false activity is a huge problem for social media sites. Facebook and Twitter currently have tens of millions of fake accounts operating on its platform. Moreover, Facebook recently admitted that it sold over $100,000 worth of ads to fake Russian accounts that may have influenced the 2016 US Presidential election and a majority of fake news being promoted on Facebook is also said to have played a significant role in the election.

This team is the first to report large-scale OAuth access token abuse and has teamed up with Facebook in order to mitigate this problem.

The research was published last Wednesday and will be presented at the Association for Computing Machinery Internet Measurement Conference on November 1, 2017.