A collaborative effort between SentinelLabs and ClearSky Cyber Security has unearthed a substantial disinformation and propaganda campaign orchestrated by the Russia-aligned influence operation network known as Doppelgänger. Initially focused on Ukrainian affairs, the campaign has since broadened its scope to encompass countries including the US, Israel, France, and Germany. Particularly in Germany, Doppelgänger has escalated its activities, disseminating propaganda to manipulate public opinion on socio-economic and geopolitical issues, with a keen interest in influencing sentiments surrounding the government’s stance on Ukraine, possibly ahead of forthcoming elections.
This operation employs a sophisticated network of social media accounts, primarily on platforms like X, to amplify its messaging and expand its reach. These accounts engage in coordinated actions, such as reposting content from popular profiles and interacting with other suspected Doppelgänger-managed accounts, to maximize visibility and audience engagement. Furthermore, the network utilizes a range of tactics to evade detection, including hosting propaganda articles on websites designed to mimic legitimate news outlets and employing obfuscation and tracking techniques in link redirection.
The persistence and adaptability of Doppelgänger’s campaign pose significant challenges in combating such influence operations, especially given the impending major elections across the EU and the USA. SentinelLabs and ClearSky Cyber Security anticipate that Doppelgänger’s activities will continue to evolve and expand, underscoring the importance of enhancing public awareness, media literacy, and coordinated actions by social media platforms and infrastructure operators to counter the spread of propaganda and disinformation. Efforts to address these challenges require a multifaceted approach aimed at disrupting the operations and mitigating their impact on public discourse and democratic processes.
