Categories
Uncategorized

Digital Wildfire, How to Hack Facebook’s Algorithm to Spread Your Message.

Hello fellow hackers, its your resident script kitty here to talk about some of my recent research. How to use Facebook’s algorithm to spread your message by increasing visibility of posts.

Despite what Hollywood may have you think hacking isn’t always breaking into mainframes by typing binary into a phosphor monitor, if it was all you would need to do is type: color 0a, echo 01110100 01101000 01100101 00100000 01101101 01100001 01110100 01110010 01101001 01111000, and boom you’re Kevin Mitnick. Hacking in its essence is using a system in a way that was unintended to produce a result that favors you, that can be exploiting a system process to gain a root shell or it could be wearing a phone company uniform to gain access to a restricted area.

When it comes to hacking the Facebook algorithm we are going to focus on the second form, how do we make it work for us simply by using its core functions in a way that was unintended? Simple, we do what marketing teams have already been doing but in a more deliberate manner. Facebook’s post algorithm takes in a number of factors before showing a user a post in their news feed, many of these factors are out of our control such as who the user is friends with, the time of day, what geographical area they live in, etc.

What we can control however are some of the most important factors, user engagement. Facebook has come out on record that the reactions weigh the algorithm stronger than likes, in a 2017 statement Facebook said the following:

“So we are updating News Feed to weigh reactions a little more than Likes when taking into account how relevant the story is to each person.” (Source)

In 2018 Facebook made the next important change, prioritizing “meaningful conversations” In their official statement they said the following:

“Page posts that generate conversation between people will show higher in News Feed. For example, live videos often lead to discussion among viewers on Facebook – in fact, live videos on average get six times as many interactions as regular videos. Many creators who post videos on Facebook prompt discussion among their followers, as do posts from celebrities. In Groups, people often interact around public content. Local businesses connect with their communities by posting relevant updates and creating events. And news can help start conversations on important issues.”(Source)

This caused the perfect storm, due to these algorithm changes users were more engaged than ever but what they were engaging with was extremist content due to its natural ability to gather large amounts of reactions and comments. This brought a lot of scrutiny onto Facebook and now they are doing damage control, adding fact checks to misinformation and more importantly changing the algorithm once again.

The more recent change was to give positive reactions more weight than negative reactions, like remains rather neutral while Love, Wow & Angry, Sad give positive and negative weight respectively. Even in my own testing I have been unable to figure out how the Laugh react influences posts, it seems to be positive when its only Laughs but when laugh is used on a post with other reacts its influence is unknown (Probably due to sarcasm) if anyone knows more about how the Laugh influences the algorithm please let me know in the comments below!

So how do we use this to our advantage? Lets say that hypothetically we had a group of individuals that had a message that they wanted to spread, something really important like “Subscribe to the Buf-fur Overflow blog for topical Cyber Security discussion!” what is the best way to get this to as many people as possible? We use the tools we have just defined.

We know that positive reacts give greater weight so a coordinated effort to love every post, even if the content of the post was negative like “The Buf-fur Overflow blog is down for maintenance”. Despite the tragedy in the post prompting a natural want to react with Sad or Angry, the Love, and Wow reacts will spread the message further.

The next is to exploit the comments, a large number of comments with no replies will get flagged by the algorithm as engagement bait so the way around this would be to comment and to reply to others in the comments, for example to spread more information like so:

Commenter 1: The site may be down for maintenance but I know with our support it can be back up and running soon.

Commenter 2: That’s right! Once its back up remember we still have to subscribe to get the latest content!

Commenter @: Here is a link with some more information on server maintenance: example.com/info

This way Facebook will flag it as an active discussion, thus pushing it back into news feeds even if the user has already seen it. It also helps spread it to users who have not seen it by giving the post more weight.

The third and final strategy is to exploit media types. Some of you might remember the arms race between pages posting images and the Facebook algorithm trying to push video (Source). Well we are going to do the same here, videos especially live videos are highly favored by the algorithm. So instead of text posts we use live videos showing people how to subscribe to the Buf-fur Overflow blog or discussing server maintenance, this gives our message the final push.

With all these tricks combined the whole world will know that the Buf-fur Overflow blog is the best Cyber Security blog on the net! And hopefully you will too thanks to my not so subtle hinting. Now that you have read this I hope you keep it in mind next time you are scrolling through your news feed and at the very least I hope you learned something interesting about how the Facebook algorithm works.

That’s all for now but stay tuned for more Cyber Security discussion!

Signed: Your resident Script Kitty,

~Killer Kat