Facebook dismantled a vast manipulation campaign tied to Iran

Facebook took down hundreds of fake accounts from Iran that were involved in a vast manipulation campaign active in more than 20 countries.

Facebook took down 783 inauthentic accounts, pages and groups from Iran that were involved in a vast manipulation campaign active in more than 20 countries.

“The world’s biggest social network said it removed 783 pages, groups and accounts “for engaging in coordinated inauthentic behavior tied to Iran.“” reported the AFP Press.

Nathaniel Gleicher, head of cybersecurity policy at Facebook, revealed that the pages were promoting Iranian interest in tens of countries, threat actors used fake identities as residents of those nations,

The pages were part of a campaign to promote Iranian interests in various countries by creating fake identities as residents of those nations, according to a statement by Nathaniel Gleicher, head of cybersecurity policy at Facebook.

Facebook continues its efforts to prevent manipulation of its platform for fraudulent activities.

“We are constantly working to detect and stop this type of activity because we don’t want our services to be used to manipulate people,” Gleicher
declared.

“We’re taking down these pages, groups and accounts based on their behavior, not the content they post. In this case, the people behind this activity coordinated with one another and used fake accounts to misrepresent themselves, and that was the basis for our action.”

Threat actors behind the campaign represented themselves as locals and posted news stories on current events. The accounts were used to discuss about topics of interest for Iranians, such as Israel-Palestine relations and the conflicts in Syria and Yemen.

“This morning we removed 783 Pages, groups and accounts for engaging in coordinated inauthentic behavior tied to Iran. There were multiple sets of activity, each localized for a specific country or region, including Afghanistan, Albania, Algeria, Bahrain, Egypt, France, Germany, India, Indonesia, Iran, Iraq, Israel, Libya, Mexico, Morocco, Pakistan, Qatar, Saudi Arabia, Serbia, South Africa, Spain, Sudan, Syria, Tunisia, US, and Yemen.” wrote Nathaniel Gleicher.

“The Page administrators and account owners typically represented themselves as locals, often using fake accounts, and posted news stories on current events. This included commentary that repurposed Iranian state media’s reporting on topics like Israel-Palestine relations and the conflicts in Syria and Yemen, including the role of the US, Saudi Arabia, and Russia.”

In some cases, the activity carried out by the fake accounts date back to 2010.

Facebook pointed out that although threat actors attempted to hide their identities, the manual review of the activities associated with these accounts allowed them to identify the coordinated inauthentic behavior from Iran.

The campaign operated by threat actors as early as 2010 involved 262 pages, 356 accounts, and three groups on Facebook, as well as 162 accounts on Instagram.

According to Facebook, about 2 million accounts followed at least one of the above pages, about 1,600 accounts joined at least one of the groups, and more than 254,000 accounts followed at least one of these Instagram accounts.

The social network giant reported that operators spent less than $30,000 in ads on Facebook and Instagram, they were paid for primarily in US dollars, UK pounds, Canadian dollars, and euros

“We identified some of these accounts through our continued investigation into Iranian coordinated inauthentic behavior we found and removed last year.” concludes Gleicher.

“Our investigation was aided by open source reporting and information provided to us by our industry peers. We have shared information about our investigation with US law enforcement, the US Congress, and policymakers in impacted countries. “

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – Facebook, manipulation campaign)

[adrotate banner=”5″] [adrotate banner=”13″]