The US government on Wednesday announced the disruption of a major Russian influence campaign that leveraged cybersquatted domains, AI-generated content, influencers, and social media platforms.
The operation targeted a campaign dubbed Doppelganger, which the Justice Department says violated money laundering and criminal trademark laws.
The campaign spread misinformation in an effort to influence the 2024 US presidential election. The Justice Department did not clearly state it, but evidence made public on Wednesday shows that the influence campaign attempted to boost Donald Trump.
The US has long accused the Russian government of trying to meddle in and disrupt its elections, but this campaign went beyond election interference.
The goal of the campaign was also to sow division within the US, reduce international support for Ukraine, and boost pro-Russian interests and policies.
The Justice Department announced the seizure of 32 domains created as part of the Doppelganger campaign. Some of these domains had typosquatted names that were meant to trick visitors into believing that they were legitimate news websites, such as The Washington Post and Fox News. One of the domains, for instance, was washingtonpost[.]pm, according to an affidavit made public on Wednesday.
The fake websites copied the legitimate sites, and the articles appeared to be posted by known journalists affiliated with the targeted news organization. However, the sites displayed false stories that promoted Russian government propaganda.
Investigators found that accessing the domains directly would show a blank page or an error. Users were led to the pages hosting the propaganda content through social media posts and ads.
As part of the Doppelganger campaign, the US government says, Russia also created original brands with original domains. These domains pushed the same articles, but appeared to be managed by independent journalists or independent news organizations.
On social media platforms, the threat actors created accounts that purported to be affiliated with major news organizations such as CNN and BBC, and leveraged them to deliver fake content, including images and videos generated using artificial intelligence tools.
The Justice Department also announced charges against two Russian nationals, Kostiantyn Kalashnikov and Elena Afanasyeva, both employees of state-controlled media outlet RT (formerly Russia Today).
RT, through Kalashnikov and Afanasyeva, paid a Tennessee-based company nearly $10 million to publish thousands of videos on social media platforms. The videos covered various issues, such as immigration and inflation, and were meant to amplify domestic divisions. After the news broke, some of the social media influencers that made videos for the Tennessee company (believed to be Tenet Media), came forward to say that they had been deceived.
The Treasury Department on Wednesday announced sanctions against 10 individuals and two entities believed to have been involved in Russia’s malign influence operations, including Kalashnikov and Afanasyeva, who remain at large.
The Department of State has announced visa restrictions against individuals involved in the campaign, and is offering up to $10 million for information on members of a group named RaHDit (Russian Angry Hackers Did It), which has been associated with the Russian government and whose members have disseminated and amplified disinformation and propaganda.
Related: Federal Cybersecurity Agency Launches Program to Boost Support for State, Local Election Offices
Related: How Lessons Learned From the 2016 Campaign Led US Officials to Be More Open About Iran Hack
Related: US Government Releases Guidance on Securing Election Infrastructure
