14 DAY TRIAL // A group of security researchers claim to stumble across a massive bot farm aimed at influencing public opinion on Facebook during the 2020 presidential election and the pandemic.
According to Paul Bischoff of Comparitech, a British cybersecurity firm, the network includes 13,775 unique Facebook accounts that each post about 15 times per month, resulting in a weekly output of more than 50,000 posts.
According to Bischoff, the accounts appear to have been used for political manipulation, with half of the posts related to political topics and another 17% related to COVID-19.
Each account comes with a profile photo and a friends list, which the researchers believe is made up mostly of other bots. All joined "specific Facebook groups where their posts are more likely to be seen and discussed by legitimate users."
The researchers discovered that “Trump” was the most frequently used keyword in the posts, followed by “Biden.” The accounts date back to October 2020, and they were active around the California wildfires, Belarus protests, and U.S. border issues. Moreover, specific events in the 2020 U.S. presidential elections were among the posts.
The researchers found out that the fake accounts were created and managed using Selenium, a framework for testing web applications that can also be used to mimic human behavior in ways that most automated bot detection software may miss.
Facebook promises to investigate, yet no update so far
According to a Comparitech spokesperson, when Bob Diachenko, an independent cybersecurity expert who assisted with the research, attempted to bring the team's findings to Facebook's attention, the platform did not respond. A Facebook representative said the company will investigate a sample of the accounts identified by Comparitech, but declined to provide any additional information.
Since the 2016 Russian election interference operation, Facebook has become much more active and aggressive in publicly identifying and removing what it calls "coordinated inauthentic behavior" on the platform.
Inauthentic activity is defined as the attempt to mislead people about who they are and what they are doing while relying on fake accounts. It can be government-sponsored or private. The company claims to have removed 1,565 suspect Facebook accounts, 141 Instagram accounts, 724 pages, and 63 groups in the last month alone.
The email addresses that registered the fake Facebook accounts were visible to the Comparitech researchers. The researchers did not say who was behind the bot farm or who controlled the unsecured server, even though many used the .ru domain and appeared to originate in Russia.