Connect with us

Hi, what are you looking for?



Twitter Shuts Down Four Networks of State-Sponsored Disinformation Accounts

Twitter this week announced that it has suspended multiple accounts that were found to be part of four networks involved in disinformation activities associated with Armenia, Iran, and Russia.

Twitter this week announced that it has suspended multiple accounts that were found to be part of four networks involved in disinformation activities associated with Armenia, Iran, and Russia.

The threat actors behind these accounts are believed to be state-sponsored, and Twitter permanently suspended all four networks, for violating its manipulation policies.

The Iran-linked accounts, the social media platform says, were part of a network that was initially dismantled in October 2020. Roughly 130 accounts part of that network were suspended at the time, based on information provided by the FBI.

The accounts were “attempting to disrupt the public conversation during the first 2020 US Presidential Debate,” Twitter says. The investigation into the network has resulted in an additional 108 accounts operating from Iran being suspended.

The accounts in this network, Twitter underlines, had low engagement, with little impact on public conversation.

A total of 35 accounts linked to the government of Armenia were recently removed from Twitter, all created to “advance narratives that were targeting Azerbaijan and were geostrategically favorable to the Armenian government,” the company says.

Some of the fake accounts claimed to represent government and political figures or news entities in Azerbaijan. The network engaged in spam campaigns to attract followers and amplify the narrative.

Other networks that were recently suspended were found to be linked to Russia, Twitter reveals.

Advertisement. Scroll to continue reading.

Consisting of 69 fake accounts, the first of the networks was tied to Russian state actors and was meant to amplify narratives aligned with the interests of the Russian government. A subset of the network was focused on “undermining faith in the NATO alliance and its stability.”

An additional 31 accounts that were part of two other networks were believed to be affiliated with the Internet Research Agency (IRA) and with Russian government-linked actors.

“These accounts amplified narratives that had been previously associated with the IRA and other Russian influence efforts targeting the United States and European Union,” Twitter explains.

All of these accounts have been added to Twitter’s archive of state-linked information operations, allowing researchers to conduct their own investigations and analysis. Since October 2018, Twitter has suspended more than 85,000 accounts associated with manipulation campaigns.

Related: Facebook Closes Disinformation Accounts Linked to French Military

Related: U.S. Seizes More Domains Used by Iran for Disinformation

Related: ‘Ghostwriter’ – Widespread Disinformation Campaign Associated with Russia

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment


Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Gain valuable insights from industry professionals who will help guide you through the intricacies of industrial cybersecurity.


Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.


As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...


Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.

CISO Conversations

Joanna Burkey, CISO at HP, and Kevin Cross, CISO at Dell, discuss how the role of a CISO is different for a multinational corporation...