How to rig an election… or do whatever the f@!$ you want with Social Media

Social media platforms like Twitter, Facebook, Reddit, etc. played a big role in the last election, which made Donald Trump the newest President, and Mike Pence the newest vice president of the United States of America. However, there was always arguments that the election was rigged, they blamed Russia for the hacking and rigging the election, but it could’ve been virtually anyone.

In the age of technology, it is now becoming trivial to rig anything you want online, elections, votes, polls, etc. You name it — we can rig it. Why rig an election? Why the hell not, I ask? Just for fun, right? No real damage done, right? It causes a bit of drama, most people laugh, but rigging an election is very serious. We won’t show you how we can do it, more, how it can be done.

Let’s rig an election

First, you’ll need some resources…

Yep, just a simple Raspberry Pi can buy you an election… $20. Now, configure your Raspberry Pi with any flavor of Debian/Ubuntu, and install NodeJS (yes, we can rig an election with Javascript, got a problem with it?).

Okay, we got this setup, now we need to evade basic detection of mass account creation, luckily we can use PhantomJS for emulating of the browser (or Electron, both work!), and use free software online to scrap for 10’s of thousands of proxies in under 10 minutes. Let’s begin, I start scanning for proxies using Net Ghost — a free proxy scanner, and leave for 10 minutes to go get a coffee. When I arrive back…. Jackpot! 7000+ proxies scanned.

Okay, that’s all nice, but we’ll assume only 80% of them will still work, but we want to make our attempts fast, so we use the Checker tab, and limit the scan rate to 1200ms timeout, and 50 threads. This took about 33 seconds (on a gbit connection) to check 7000 proxies for their status….

Score! 300, this is a good start. Average 200–900ms timeout, this is awesome so far. Now we got to get down to the dirty business, making accounts. Luckily, for a quick $ on a known website (which I won’t list), you can nab yourself a Reddit tool that’ll create accounts, upvote, downvote, comment, subscribe, etc. on Reddit, and bypass their vote fuzzing and blocking.

Sweet! So far, we’ve only invested $40 all in Bitcoin. So, now we’ve got a big platform Reddit covered, but Mr. Trump loved to tweet, so we got to do Twitter, right? Now, there aren’t a lot of non-expensive Twitter bots, and we wanted to do this on the cheap. So, we used Fiddler and figured out how the API endpoints for Twitter’s mobile registration works, then simply recreated it using PhantomJS in NodeJS, with automatic generators…

Sweet! 87 lines of code there we go. That’s right, it only took 87 lines of code to own your election.

And bingo! It works beautifully. Now we’ve got the Twitter, Reddit tools made, we’ve just got to find juicy stuff to get trending. We’ve made our Twitter tool get random photos from the internet, put them as pictures, bios, etc. and tweet stuff before the biasing that we want to do. This makes it look more legitimate, we wait about 7 days before using new account sets, and automate them for 7 days. Our tool has never got any of our accounts suspended. We currently hold a jackpot of 223,500 accounts on Twitter, and 132,501 on Reddit.

Now, writing propaganda, for Twitter it had to be under 140 characters, so we have to make it juicy…. “Donald Trump sex tape leaked!” — sounds good, right? Then, Reddit we needed longer but juicier, because 62% of reddit users (in our test) will look at the title, upvote without even reading the article, so it doesn’t matter what the article content is, what matters is the title we give it…. “Donald Trump says ‘we will force Mexico to pay for wall, otherwise declare war on Mexico’” — now, that my friends, is juicy! Now, we get the upvoting started on the posts, and the retweets and tweets going, each tweet is similar but somewhat unique to make it look more real (thank you, Natural Language Processing and a little bit of magic), and within 24 hours, not only have we hit the front page of Reddit, but we’re also trending in multiple countries, and the media is picking up on our fake news, like wildfire! Score. We just biased an election.

Note: We did not actually bias or rig the U.S.A. Election, merely this is a proof of concept to show how trivial it is, and why you should never trust social media, it will only backfire on you, yes Donald and Hillary, I’m looking at you. Can we feel the Bern?

Lessons learned

  1. Rigging an election is as easy as eating a pie — effortless
  2. Anyone, including an internet troll, can cause any drama, rig elections, etc. in matter of seconds
  3. Please, don’t trust social media, the trolls will just lie to you
  4. In under 400 total lines of code, 1 coffee, I can make you believe anything I want on Social Media platforms
  5. All social media platforms can be used against you, without you knowing it’s just trolls

I encourage everyone to never trust social media — because as you’ve seen here, anything is possible.