Facebook parent Meta has tied a recent influence operation powered by tens of accounts, pages and groups to the United States military.
The social media giant on Tuesday released its adversarial threat report for the third quarter of 2022. During Q3, in addition to disrupting operations linked to Chinese and Russian threat actors, the company disrupted an operation that has been connected to the United States.
According to Meta, the operation that originated in the US focused on countries such as Afghanistan, Algeria, Iran, Iraq, Kazakhstan, Kyrgyzstan, Russia, Somalia, Syria, Tajikistan, Uzbekistan and Yemen.
Meta has removed 39 Facebook accounts, 16 pages, and two groups, as well as 26 Instagram accounts related to this operation for violating policies on coordinated inauthentic behavior. However, the company said the campaign actually ran across multiple online services, including YouTube, Twitter, Telegram and the Russian social media sites Odnoklassniki and VKontakte.
According to the social media giant, the influence operation involved posts written mainly in Arabic, Farsi and Russian, covering news, sports, culture and current events. Some of the posts praised the US military while others criticized Iran, Russia and China, including Iran’s influence in the Middle East, China’s treatment of the Uyghurs, and Russia’s war against Ukraine.
Data collected by the company shows that roughly 22,000 accounts had followed one or more of the offending Facebook pages, and 400 accounts joined at least one of the groups. Around 12,000 accounts followed one or more of the instagram accounts. Approximately $2,500 was spent for Facebook ads — the money was paid in British pounds and US dollars.
However, a majority of the posts published as part of the operation had little to no genuine engagement.
“Although the people behind this operation attempted to conceal their identities and coordination, our investigation found links to individuals associated with the US military,” Meta said.
This campaign was previously detailed in August by Graphika and the Stanford Internet Observatory (SIO), in a report focusing on pro-Western covert influence operations observed over a period of five years. The report did not explicitly say that the US military was behind some of the operations, but the US military was mentioned.
After the report was published, The Washington Post reported that these influence operations had raised concerns in the White House, and the Pentagon had ordered an audit into how clandestine information warfare is conducted.
Meta regularly releases reports detailing the actions taken against misinformation campaigns, but it’s rare for the United States to be named as a source of these campaigns.
Related: Facebook Battles Cyber Campaigns Targeting Ukraine
Related: Facebook Removes More State-Linked Misleading Accounts
Related: Facebook, Twitter Take Down More State-Linked Accounts

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
More from Eduard Kovacs
- Intel Boasts Attack Surface Reduction With New 13th Gen Core vPro Platform
- Dole Says Employee Information Compromised in Ransomware Attack
- High-Severity Vulnerabilities Found in WellinTech Industrial Data Historian
- CISA Expands Cybersecurity Committee, Updates Baseline Security Goals
- Exploitation of 55 Zero-Day Vulnerabilities Came to Light in 2022: Mandiant
- Organizations Notified of Remotely Exploitable Vulnerabilities in Aveva HMI, SCADA Products
- Waterfall Security, TXOne Networks Launch New OT Security Appliances
- Hitachi Energy Blames Data Breach on Zero-Day as Ransomware Gang Threatens Firm
Latest News
- CISA, NSA Issue Guidance for IAM Administrators
- Analysis: SEC Cybersecurity Proposals and Biden’s National Cybersecurity Strategy
- Intel Boasts Attack Surface Reduction With New 13th Gen Core vPro Platform
- Cisco Patches High-Severity Vulnerabilities in IOS Software
- ‘Nexus’ Android Trojan Targets 450 Financial Applications
- Tackling the Challenge of Actionable Intelligence Through Context
- Dole Says Employee Information Compromised in Ransomware Attack
- Backslash Snags $8M Seed Financing for AppSec Tech
