Key Takeaways
In 2024, the Russian government’s online disinformation campaigns have embraced artificial intelligence tools to ramp up their operations.
Offering a glimpse into the state’s efforts, an international investigation spearheaded by the US Department of Justice (DoJ) has exposed a “social media bot farm” that used AI to generate fake profiles at scale.
In a statement on Tuesday, July 9, the DoJ described a joint operation by American, Canadian and Dutch law enforcement agencies to take down an AI-powered propaganda initiative sponsored by the FSB.
According to the release, the bot farm was set up in 2023 with the Kremlin’s backing. Alongside FSB agents, employees of the state-run RT News Network were also said to be involved.
As part of the sting, the FBI was granted warrants to search 968 X accounts thought to be Russian bots and seize two web domains used as email servers to register the fake profiles.
“Today’s actions represent a first in disrupting a Russian-sponsored Generative AI-enhanced social media bot farm,” said FBI Director Christopher Wray.
“Russia intended to use this bot farm to disseminate AI-generated foreign disinformation, scaling their work with the assistance of AI to undermine our partners in Ukraine and influence geopolitical narratives favorable to the Russian government.”
In an advisory issued on Wednesday, Western cybersecurity agencies warned social media companies about Meliorator—a bot generation and management platform used by the Russian state.
According to the document, RT employees used Meliorator to create fictitious online personas to post on X. These bots disseminated disinformation to and about a number of countries, including the United States, Poland, Germany, the Netherlands, Spain, Ukraine and Israel, it claims.
Although intelligence agencies only identified instances of the software being used on X, they said its developers had plans to expand its functionality to other social media platforms too.
To avoid detection by X’s automatic bot-screening measures, persona accounts are programmed to obfuscate their IP address and bypass dual-factor authentication. They also follow real accounts reflective of their political leanings and interests listed in their biography.
To help mitigate against Russian state-sponsored actors abusing their platforms in disinformation campaigns, the advisory makes several recommendations for social media companies.
For instance, it suggests that platforms could implement Know Your Customer (KYC) procedures similar to those used in the financial sector to combat money laundering. It also recommends upgrading authentication and verification processes based on what has been learned about Meliorator.
One suggested mitigation that could have major consequences for X is the suggestion that platforms implement multi-factor authentication (MFA) by default.
Last year, X discontinued SMS-based MFA for non-paying users, limiting the option to X Premium subscribers. However, free users can still enable MFA using an authentication app or security key.