|
| |
| |
| State-sponsored Threar Group |
| |
| Spreading Disinformation campaigns by leveraging generative AI |
| Generative AI, Matomo, Keitaro, Wordpress, XposedEm |
Overview
CopyCop is an influential network identified by Insikt Group in early March 2024, recognized for its sophisticated use of generative artificial intelligence (AI) to propagate disinformation. Operating primarily from Russia and allegedly aligned with the Russian government, CopyCop specializes in plagiarizing and manipulating content from mainstream media outlets across various countries, including Russia, the United States, the United Kingdom, Ukraine, Israel, and France.
The group disseminates its content through a network of inauthentic websites primarily in English and French, targeting audiences in the US, UK, and France. Their narratives focus on divisive domestic issues within these countries, while also supporting Russian geopolitical objectives such as undermining Western policies and eroding support for Ukraine. They have been observed promoting perspectives critical of Israeli military actions in Gaza and influencing narratives around the 2024 US elections to favor Republican candidates and criticize the Biden administration.
CopyCop’s operational infrastructure includes a cluster of twelve interconnected websites sharing common elements like TLS certificates, WordPress themes, and hosting infrastructure. They utilize tools like Matomo for traffic analytics, similar to methods used by other Russian state-sponsored influence actors. Recently, CopyCop expanded its operations to include a self-hosted video-sharing platform and a forum named XposedEm, which aims to expose what they describe as “US hypocrisy.”
Common targets
CopyCop primarily targets audiences and influences public opinion in the United States, United Kingdom, and France. Their efforts are focused on shaping narratives and opinions related to domestic issues within these countries, such as political divisions, election outcomes, and government policies. Additionally, they aim to influence perceptions of international conflicts involving Russia, Ukraine, and Israel, often presenting viewpoints critical of Western positions and supportive of Russian perspectives.
Attack Vectors
Phishing
Social Engineering
Website Compromises
Third-Party Tools Exploitation
Content Manipulation
How they operate
CopyCop operates as a sophisticated disinformation network utilizing advanced technology and strategic tactics to achieve its objectives aligned with Russian geopolitical interests. At the core of CopyCop’s operations is the use of generative artificial intelligence (AI), which enables the group to plagiarize and manipulate content from mainstream media sources across multiple countries, including Russia, the United States, the United Kingdom, Ukraine, Israel, and France. This AI-driven approach allows CopyCop to create tailored narratives that resonate with specific target audiences while introducing partisan bias and supporting Russian perspectives on international conflicts and domestic issues.
The group disseminates its manipulated content through a network of inauthentic websites designed to mimic legitimate news sources. These websites often utilize reused Transport Layer Security (TLS) certificates and WordPress themes, indicating centralized control and management. By leveraging tools like Matomo for traffic analytics, CopyCop monitors the impact of its disinformation campaigns, adapting strategies to maximize engagement and influence public opinion.
In addition to AI-generated content, CopyCop employs traditional social engineering techniques such as phishing to compromise individuals and further propagate its narratives. This includes sending deceptive emails with malicious links or attachments aimed at gaining access to sensitive information or spreading malware. Moreover, the group utilizes social media platforms to amplify its messages, engaging with users and fostering discussion around divisive issues to exacerbate societal tensions and undermine trust in Western governments and institutions.
CopyCop’s strategy also extends to influencing electoral processes and political discourse, particularly during election periods in the US, UK, and France. By promoting narratives that support candidates or policies aligned with Russian interests while undermining opponents, the group aims to sway public opinion and shape electoral outcomes.
References:
