Meta dismantled the largest Russian network since the war in Ukraine began

Meta dismantled a network of Facebook and Instagram accounts spreading disinformation across European countries.

Meta announced to have taken down a huge Russian network of Facebook and Instagram accounts used to spread disinformation published on more than 60 websites impersonating news organizations across Europe. The disinformation operation began in May 2022, the network targeted primarily Germany, France, Italy, Ukraine and the UK, it was spreading fake content related to the war in Ukraine and its impact in Europe. Meta pointed out that this is the largest and most complex Russian operation they’ve disrupted since the war in Ukraine began.

The shared articles criticized Ukraine and Ukrainian refugees, applauded Russia, and argued that Western sanctions on Russia would backfire.

“We took down a large network that originated in Russia and targeted primarily Germany, and also France, Italy, Ukraine and the United Kingdom. The operation began in May of this year and centered around a sprawling network of over 60 websites carefully impersonating legitimate news organizations in Europe, including Spiegel, The Guardian, Bild and ANSA.” reads the report published by Meta.

“There, they would post original articles that criticized Ukraine and Ukrainian refugees, supported Russia and argued that Western sanctions on Russia would backfire.”

Below is a list of domains used to impersonate legitimate news organizations:

• Avisindependent[.]eu 6/3/2022 France
• bild[.]pics 6/6/2022 Germany
• rrn[.]world 6/6/2022 Multiple
• dailymail[.]top 6/10/2022 UK
• repubblica[.]life 6/13/2022 Italy
• delfi[.]life 6/15/2022 Latvia
• dailymail[.]cam 6/23/2022 UK
• dailymail[.]cfd 6/23/2022 UK
• 20minuts[.]com 6/28/2022 France
• ansa[.]ltd 6/28/2022 Italy
• spiegel[.]ltd 6/29/2022 Germany
• theguardian[.]co[.]com 7/7/2022 UK

Threat actors behind this operation promoted the articles and also original memes and YouTube videos across many internet services, including Facebook, Instagram, Telegram, Twitter, petitions websites Change.org and Avaaz, and even LiveJournal.

“The amplification on social media, on the other hand, relied primarily on crude ads and fake accounts. In fact, on our platforms, the majority of the accounts, Pages and ads were detected and removed by our automated systems before we even began our investigation.” continues the report. “Together, these two approaches worked as an attempted smash-and-grab against the information environment, rather than a serious effort to occupy it long-term.”

Meta shared some numbers related to this campaign:

• Presence on Facebook and Instagram: 1,633 accounts, 703 Pages, one Group and 29 accounts on Instagram.
• Followers: About 4,000 accounts followed one or more of these Pages, less than 10 accounts joined this Group and about 1,500 accounts followed one or more of these Instagram accounts.
• Advertising: Around $105,000 in spending for ads on Facebook and Instagram, paid for primarily in US dollars and euros.

Meta also disrupted for the first time a Chinese network focused on U.S. domestic politics. The Chinese-origin influence operation also targeted the Czech Republic. It ran across Facebook, Instagram, Twitter, and also two petition platforms in Czechia.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, disinformation)

[adrotate banner=”5″]

[adrotate banner=”13″]