Meta disrupted two influence campaigns from China and Russia

Meta disrupted two influence campaigns orchestrated by China and Russia, the company blocked thousands of accounts and pages.

Meta announced it has taken down two of the largest known covert influence operations originating from China and Russia.

The social network giant revealed it has blocked thousands of accounts and pages across its platform.

The company removed 7,704 Facebook accounts, 954 Pages,15 Groups, and 15 Instagram accounts to dismantle the operation from China. The entities were removed for violating our policy against coordinated inauthentic behavior.

The researchers reported that about 560,000 accounts followed one or more of these Pages, fewer than 10 accounts joined one or more of these Groups and about 870 accounts followed one or more
of these Instagram accounts. The pages were likely acquired from spam operators with built-in inauthentic followers primarily from Vietnam, Bangladesh and Brazil.

This network targeted several regions across the world, including Taiwan, the United States, Australia, the United Kingdom, Japan, and global Chinese-speaking audiences.

“It targeted more than 50 apps, including Facebook, Instagram, X (formerly Twitter), YouTube, TikTok, Reddit, Pinterest, Medium, Blogspot, LiveJournal, VKontakte, Vimeo, and dozens of smaller platforms and forums.” reads the announcement published by Meta. “For the first time, we were able to tie this activity together to confirm it was part of one operation known in the security community as Spamouflage and link it to individuals associated with Chinese law enforcement.”

This network focused on the distribution of spammy links, along with memes and text posts. The researchers linked the activity to a number of more complex and long-running large clusters of activity (known as Spamouflage) based on notable distinctive errors, behavioral patterns and operational structure.

The threat actors behind the Chinese network invested at least $3,500 in ads related to this operation, most of the payments are in in Chinese yuan, Hong Kong dollars and US dollars.

The Chinese government denied any involvement in influence campaigns and accused Western governments of disinformation on China.

“I’m not aware of what you mentioned. Some people and institutions have launched one “rumor campaign” after another against China on social media platforms and spread a tremendous amount of disinformation about China.” said Foreign Ministry spokesperson Wang Wenbin during a regular press conference on August 30, 2023. “We hope that relevant company can uphold the principle of objectivity and impartiality, avoid applying double standards, truly differentiate rumors and lies from truth and facts, and take concrete steps to weed out disinformation on China.”

Meta also blocked thousands of malicious website domains and blocked attempts to run fake accounts and Pages on its platform. This second activity is related to the Russian operation known as Doppelganger that was disrupted by Meta in 2022. The Doppelganger activist involved dozens of websites spreading Russian propaganda related to the war in Ukraine. 

“This operation was focused on mimicking websites of mainstream news outlets and government entities to post fake articles aimed at weakening support for Ukraine. It has now expanded beyond initially targeting France, Germany and Ukraine to also include the US and Israel.” concludes the report. “This is the largest and the most aggressively-persistent Russian-origin operation we’ve taken down since 2017.”

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, influence campaigns)