Online Social Networks (OSNs) have become an integral part of today's Web. Politicians, celebrities, revolutionists, and others use OSNs as a podium to deliver their message to millions of active web users. Unfortunately, in the wrong hands, OSNs can be used to run astroturf campaigns to spread misinformation and propaganda. Such campaigns usually start o� by in�ltrating a targeted OSN on a large scale. In this paper, we evaluate how vulnerable OSNs are to a large-scale in�ltration by socialbots: computer programs that control OSN accounts and mimic real users. We adopt a traditional web-based botnet design and built a Socialbot Network (SbN): a group of adaptive socialbots that are or- chestrated in a command-and-control fashion. We operated such an SbN on Facebook|a 750 million user OSN|for about 8 weeks. We collected data related to users' behav- ior in response to a large-scale in�ltration where socialbots were used to connect to a large number of Facebook users. Our results show that (1) OSNs, such as Facebook, can be in�ltrated with a success rate of up to 80%, (2) depending on users' privacy settings, a successful in�ltration can result in privacy breaches where even more users' data are exposed when compared to a purely public access, and (3) in prac- tice, OSN security defenses, such as the Facebook Immune System, are not e�ective enough in detecting or stopping a large-scale in�ltration as it occurs.