Thursday, June 20, 2024

Doppelgänger: Hackers Employ AI to Launch Highly sophistication Attacks

It has been observed that threat actors are using AI technology to conduct illicit operations on social media platforms.

These malicious actors employ several tactics and automated bots to achieve their nefarious goals, which can pose a serious threat to online security and privacy.

  • Spread disinformation
  • Manipulate public opinion
  • Escalate isolating content

These AI-driven tactics enable the rapid dissemination of misleading narratives, contributing to the escalation of online misinformation campaigns.

Cybersecurity researchers at Insikt Group recently identified “Doppelgänger,” a Russia-linked influence network conducting a sophisticated operation.


The operators of this network employ advanced obfuscation techniques and potentially utilize generative AI to craft deceptive news articles, targeting audiences in the following countries via fake news sites and social media accounts:-

  • Ukraine
  • The United States
  • Germany
Doppelgänger articles dated Nov. 10, 2023, impersonating UNIAN (Source – Recordedfuture)

Insikt Group found a campaign hitting Ukraine, using many fake social media accounts for Coordinated Inauthentic Behavior (CIB). 

They shared bogus articles mimicking Ukrainian news, spreading anti-Ukraine narratives on:-

  • Military
  • Politics

Doppelgänger hit the US and Germany with fake copies of 6 legitimate news outlets’  in later campaigns. 

For the US, it fueled divisions before the 2024 election, pushing anti-LGBTQ+ views, criticizing the military, and intensifying political separations over Ukraine.

Doppelgänger influence assets (Source – Recordedfuture)

In Germany, it targeted economic and social problems to deteriorate the trust in leadership and boost the nationalist emotions.

Doppelgänger aimed at the US with three fake news outlets:-

  • Electionwatch[.]live: Generates AI-driven political content.
  • Mypride[.]press: Stirs anti-LGBTQ+ sentiments.
  • warfareinsider[.]us: Critiques US military and foreign policy from a politicized stance.


Here below, we have mentioned all the campaigns identified by the security analysts:-

  • Campaign 1: Doppelgänger Impersonates Ukrainian News Organizations to Influence Ukrainian Audiences
  • Campaign 2: Doppelgänger Seeking to Influence US Audiences with Inauthentic News Outlets Leveraging AI and Divisive Commentary on Social Issues and US Military
  • Campaign 3: Doppelgänger Seeking to Influence German Audiences with Grim Outlook on European Migration Movements, German Economic Outlook

Ongoing collaboration and public reporting are crucial to counter malicious influence. Media should vigilantly monitor brand abuse, issue takedowns, and boost online literacy.

Due to its continued evolution and use of AI, Doppelgänger’s exposed activities hint at lasting societal impacts, like corrupting trust and heightened polarization.


Latest articles

1inch partners with Blockaid to enhance Web3 security through the 1inch Shield

1inch, a leading DeFi aggregator that provides advanced security solutions to users across the...

Hackers Exploit Progressive Web Apps to Steal Passwords

In a concerning development for cybersecurity, hackers are increasingly leveraging Progressive Web Apps (PWAs)...

INE Security: Optimizing Teams for AI and Cybersecurity

2024 is rapidly shaping up to be a defining year in generative AI. While...

Threat Actor Claims Breach of Jollibee Fast-Food Gaint

A threat actor has claimed responsibility for breaching the systems of Jollibee Foods Corporation,...

Threat Actors Claiming Breach of Accenture Employee Data

Threat actors have claimed responsibility for a significant data breach involving Accenture, one of...

Diamorphine Rootkit Exploiting Linux Systems In The Wild

Threat actors exploit Linux systems because they are prevalent in organizations that host servers,...

Amtrak Data Breach: Hackers Accessed User’s Email Address

Amtrak notified its customers regarding a significant security breach involving its Amtrak Guest Rewards...
Tushar Subhra Dutta
Tushar Subhra Dutta
Tushar is a Cyber security content editor with a passion for creating captivating and informative content. With years of experience under his belt in Cyber Security, he is covering Cyber Security News, technology and other news.

Free Webinar

API Vulnerability Scanning

71% of the internet traffic comes from APIs so APIs have become soft targets for hackers.Securing APIs is a simple workflow provided you find API specific vulnerabilities and protect them.In the upcoming webinar, join Vivek Gopalan, VP of Products at Indusface as he takes you through the fundamentals of API vulnerability scanning..
Key takeaways include:

  • Scan API endpoints for OWASP API Top 10 vulnerabilities
  • Perform API penetration testing for business logic vulnerabilities
  • Prioritize the most critical vulnerabilities with AcuRisQ
  • Workflow automation for this entire process

Related Articles