A group of security researchers say they’ve unmasked a massive bot farm that aimed to shape public opinion on Facebook during the heat of the 2020 presidential election.
According to Paul Bischoff of Comparitech, a British cybersecurity company, the network includes 13,775 unique Facebook accounts that each posted roughly 15 times per month, for an output of more than 50,000 posts a week. The accounts appear to have been used for “political manipulation,” Bischoff says, with roughly half the posts being related to political topics and another 17 percent related to COVID-19. Each account has a profile photo and friends list—likely consisting of other bots, the researchers suggest—and they’ve joined “specific Facebook groups where their posts are more likely to be seen and discussed by legitimate users.”
The most-used keyword in the posts was “Trump,” the researchers found, followed by “Biden.” The accounts date back at least as far as October 2020, and, in addition to posts discussing specific events in the 2020 US presidential elections, were also active around the California wildfires, protests in Belarus, and US border issues. The researchers were able to determine that the fake accounts were created and controlled using Selenium, software designed to automate web application testing, but that can also be used to mimic human behavior in ways that could be difficult for automated bot detection software to spot.
According to a Comparitech spokesperson, Facebook did not respond to Bob Diachenko, an independent cybersecurity expert who helped lead the research, when he attempted to bring the teams’s findings to the platform’s attention. A Facebook representative said the company would look into a sample of the accounts identified by Comparitech, but declined further comment.
Facebook has become much more active and aggressive at publicly identifying and taking down what it calls “coordinated inauthentic behavior” operating on the platform since the 2016 Russian election interference operation. Such inauthentic activity, which the company defines as when posters seek “to mislead people about who they are and what they are doing while relying on fake accounts,” can include government-backed or private efforts. Just last month, the company claims it had removed 1,565 suspect Facebook accounts, along with 141 Instagram accounts, 724 pages, and 63 groups.
The Comparitech researchers were able to see the email addresses that purportedly registered the phony Facebook accounts. While many used “mail[.]ru” accounts seemingly originating in Russia, the researchers did not allege who was behind the bot farm, or who controlled the unsecured server.