• Home
  • Cyber Crime
  • Cyber warfare
  • APT
  • Data Breach
  • Deep Web
  • Digital ID
  • Hacking
  • Hacktivism
  • Intelligence
  • Internet of Things
  • Laws and regulations
  • Malware
  • Mobile
  • Reports
  • Security
  • Social Networks
  • Terrorism
  • ICS-SCADA
  • POLICIES
  • Contact me
MUST READ

Koske, a new AI-Generated Linux malware appears in the threat landscape

 | 

Mitel patches critical MiVoice MX-ONE Auth bypass flaw

 | 

Coyote malware is first-ever malware abusing Windows UI Automation

 | 

SonicWall fixed critical flaw in SMA 100 devices exploited in Overstep malware attacks

 | 

DSPM & AI Are Booming: $17.87B and $4.8T Markets by 2033

 | 

Stealth backdoor found in WordPress mu-Plugins folder

 | 

U.S. CISA adds CrushFTP, Google Chromium, and SysAid flaws to its Known Exploited Vulnerabilities catalog

 | 

U.S. CISA urges FCEB agencies to fix two Microsoft SharePoint flaws immediately and added them to its Known Exploited Vulnerabilities catalog

 | 

Sophos fixed two critical Sophos Firewall vulnerabilities

 | 

French Authorities confirm XSS.is admin arrested in Ukraine

 | 

Microsoft linked attacks on SharePoint flaws to China-nexus actors

 | 

Cisco confirms active exploitation of ISE and ISE-PIC flaws

 | 

SharePoint under fire: new ToolShell attacks target enterprises

 | 

CrushFTP zero-day actively exploited at least since July 18

 | 

Hardcoded credentials found in HPE Aruba Instant On Wi-Fi devices

 | 

MuddyWater deploys new DCHSpy variants amid Iran-Israel conflict

 | 

U.S. CISA urges to immediately patch Microsoft SharePoint flaw adding it to its Known Exploited Vulnerabilities catalog

 | 

Microsoft issues emergency patches for SharePoint zero-days exploited in "ToolShell" attacks

 | 

SharePoint zero-day CVE-2025-53770 actively exploited in the wild

 | 

Singapore warns China-linked group UNC3886 targets its critical infrastructure

 | 
  • Home
  • Cyber Crime
  • Cyber warfare
  • APT
  • Data Breach
  • Deep Web
  • Digital ID
  • Hacking
  • Hacktivism
  • Intelligence
  • Internet of Things
  • Laws and regulations
  • Malware
  • Mobile
  • Reports
  • Security
  • Social Networks
  • Terrorism
  • ICS-SCADA
  • POLICIES
  • Contact me
  • Home
  • Breaking News
  • Intelligence
  • Security
  • Social Networks
  • Facebook deleted Russia-Linked efforts focusing on Ukraine ahead of the election

Facebook deleted Russia-Linked efforts focusing on Ukraine ahead of the election

Pierluigi Paganini July 29, 2019

Facebook recently announced that it removed multiple pages, groups, and accounts tied to Russia involved in psyops ahead of the election in Ukraine.

Facebook spotted four campaigns that appear independent, three of them associated with Russian threat actors.

One of the operations involved 18 Facebook accounts, nine pages, and three groups. Threat actors attempted to influence the sentiment of users in Ukraine regarding the relationship between the Russian and the Ukrainian governments.

The threat actors behind this campaign created fake profiles, impersonated deceased Ukrainian journalists, and engaged in fake engagement tactics. They also used a number of fake accounts to increase the popularity of their content and also to propose people content outside the social network.

Experts discovered that about 80,000 accounts followed one or more of these pages, and about 10 accounts joined at least one of these groups. According to Facebook, threat actors spent less than $100 on Facebook ads.

“We found four separate, unconnected operations that originated in Thailand, Russia, Ukraine and Honduras. We didn’t find any links between the campaigns we’ve removed, but all created networks of accounts to mislead others about who they were and what they were doing.” reads the report published by Facebook.

Facebook conducted an internal investigation into suspected Russia-linked coordinated inauthentic behavior, ahead of the elections in Ukraine.

Facebook campaign Russia Ukraine

Facebook also identified another campaign focused on Ukraine that involved 83 accounts, two Pages, 29 Groups, and five Instagram accounts engaged in coordinated inauthentic behavior that originated in Russia and the Luhansk region in Ukraine. 

In this case, threat actors used fake accounts to impersonate military members in Ukraine and managed Groups posing as authentic military communities. Some of the Groups were used to disseminate content about Ukraine and the Luhansk region.

Content published by the operators includes topics like the military conflict in Eastern Ukraine, Ukrainian public figures and politics. Below some data related to this campaign:

  • Presence on Facebook and Instagram: 83 Facebook accounts, 2 Pages, 29 Groups, and 5 Instagram accounts.
  • Followers: Fewer than 1,000 accounts followed one or more of these Pages, under 35,000 accounts joined at least one of these Groups, and around 1,400 people followed one or more of these Instagram accounts.
  • Advertising: Less than $400 spent on Facebook and Instagram ads paid for in US dollars.

A third campaign originating in Thailand focusing mainly on geopolitical issues appear to be the result of a Russian threat actor.

“We removed 12 Facebook accounts and 10 Facebook Pages for engaging in coordinated inauthentic behavior that originated in Thailand and focused primarily on Thailand and the US.” continues Facebook

“They also frequently shared divisive narratives and comments on topics including Thai politics, geopolitical issues like US-China relations, protests in Hong Kong, and criticism of democracy activists in Thailand. “

The activity was coordinated by threat actors in Thailand that is associated with a Moscow-based news outlet called New Eastern Outlook (https://journal-neo.org/), a Russian government-funded journal.

This operation was pushed with an investment in advertising on Facebook under $18,000:

  • Presence on Facebook: 12 accounts and 10 Pages.
  • Followers: About 38,000 accounts followed one or more of these Pages.
  • Advertising: Less than $18,000 in spending for ads on Facebook paid for in US dollars.

Finally, Facebook removed 181 accounts and 1,488 Facebook Pages that were involved in domestic-focused coordinated inauthentic activity in Honduras. Operators aimed at increasing the president’s popularity by creating positive content about his political activity.

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – Facebook, Ukraine)

[adrotate banner=”5″]

[adrotate banner=”13″]


facebook linkedin twitter

Facebook hacking news information security news Pierluigi Paganini PsyOps Russia Security News Social Network Ukraine

you might also like

Pierluigi Paganini July 25, 2025
Koske, a new AI-Generated Linux malware appears in the threat landscape
Read more
Pierluigi Paganini July 25, 2025
Mitel patches critical MiVoice MX-ONE Auth bypass flaw
Read more

leave a comment

newsletter

Subscribe to my email list and stay
up-to-date!

    recent articles

    Koske, a new AI-Generated Linux malware appears in the threat landscape

    Malware / July 25, 2025

    Mitel patches critical MiVoice MX-ONE Auth bypass flaw

    Security / July 25, 2025

    Coyote malware is first-ever malware abusing Windows UI Automation

    Malware / July 24, 2025

    SonicWall fixed critical flaw in SMA 100 devices exploited in Overstep malware attacks

    Security / July 24, 2025

    DSPM & AI Are Booming: $17.87B and $4.8T Markets by 2033

    Security / July 24, 2025

    To contact me write an email to:

    Pierluigi Paganini :
    pierluigi.paganini@securityaffairs.co

    LEARN MORE

    QUICK LINKS

    • Home
    • Cyber Crime
    • Cyber warfare
    • APT
    • Data Breach
    • Deep Web
    • Digital ID
    • Hacking
    • Hacktivism
    • Intelligence
    • Internet of Things
    • Laws and regulations
    • Malware
    • Mobile
    • Reports
    • Security
    • Social Networks
    • Terrorism
    • ICS-SCADA
    • POLICIES
    • Contact me

    Copyright@securityaffairs 2024

    We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept All”, you consent to the use of ALL the cookies. However, you may visit "Cookie Settings" to provide a controlled consent.
    Cookie SettingsAccept All
    Manage consent

    Privacy Overview

    This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities...
    Necessary
    Always Enabled
    Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
    Non-necessary
    Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
    SAVE & ACCEPT