Early Prime Day Deals Roe v. Wade Overturned Surface Laptop Go 2 Review 4th of July Sales M2 MacBook Pro Deals Healthy Meal Delivery Best TVs for Every Budget Noise-Canceling Earbuds Dip to $100

Fake likes: Researchers uncover Facebook 'collusion networks'

Security flaw allowed at least a million Facebook accounts to generate more than 100 million "likes" and comments.

Social Media Illustrations and Donald Trump tweets
Are those real "likes" or fake ones?
Getty Images

You can't always judge a Facebook post by its number of likes.

That's one of the takeaways from a new study (PDF) documenting a security loophole that allowed at least a million Facebook accounts -- some real, some fake -- to generate more than 100 million "likes" and comments as part of so-called "collusion networks."

As reported by CBS News, researchers from the University of Iowa and Lahore University of Management in Pakistan uncovered "a thriving ecosystem of large-scale reputation manipulation services that leverage the principle of collusion."

The research was published Wednesday and will be formally presented at the Association for Computing Machinery Internet Measurement Conference on Nov. 1.

The research team found more than 50 sites offering free, fake "likes" for users' posts in exchange for access to their accounts. 

The collusion networks exploit OAuth code, which lets third-party apps like iMovie and Spotify access users' Facebook accounts.

Of course, the more likes a post gets, the more it gets pushed up in other people's feeds, ultimately bolstering attention to it and its influence. Authenticity has been a major issue for Facebook, which just Wednesday said it sold $100,000 worth of ads to inauthentic accounts likely linked to Russia during the election. It's also been working to combat fake news on the site and last month said it's blocking false news websites from advertising on Facebook.

On Thursday night, CBS News was able to enroll a fake Facebook account into a collusion network, granting it OAuth privileges through Apple's iMovie app. CBS News "watched as, within minutes, two posts from the brand new account gained dozens of likes," it said.

However, in a statement Friday, Facebook said it's blocked "the activity described in this research" and isn't seeing it anymore on the site.

"Meanwhile, we are investigating different techniques that could be used to generate inauthentic 'likes' in smaller volumes," the statement read.

The Smartest Stuff: Innovators are thinking up new ways to make you, and the things around you, smarter.

iHate: CNET looks at how intolerance is taking over the internet.