俄罗斯针对乌克兰、美国和德国的人工智能驱动的虚假信息行动

The Russia-linked influence operation called Doppelganger has targeted Ukrainian, U.S., and German audiences through a combination of inauthentic news sites and social media accounts.

与乌克兰、美国和德国的观众为目标的俄罗斯关联影响行动Doppelganger，通过伪造的新闻网站和社交媒体账户相结合进行了定向。

These campaigns are designed to amplify content designed to undermine Ukraine as well as propagate anti-LGBTQ+ sentiment, U.S. military competence, and Germany's economic and social issues, according to a new report shared with The Hacker News.

这些活动旨在放大旨在破坏乌克兰以及传播反LGBTQ+情绪、美国军事能力和德国经济社会问题的内容，据The Hacker News分享的一份新报告称。

Doppelganger, described by Meta as the "largest and the most aggressively-persistent Russian-origin operation," is a pro-Russian network known for spreading anti-Ukrainian propaganda. Active since at least February 2022, it has been linked to two companies named Structura National Technologies and Social Design Agency.

Doppelganger，由Meta描述为“最大、最具侵略性且持续性最强烈的俄罗斯起源行动”，是一个以传播反乌克兰宣传而闻名的亲俄罗斯网络，至少自2022年2月以来一直活跃，与Structura National Technologies和Social Design Agency两家公司有关。

Activities associated with the influence operation are known to leverage manufactured websites as well as those impersonating authentic media – a technique called brandjacking – to disseminate adversarial narratives.

与这一影响行动相关的活动已知利用制造的网站以及冒充真实媒体的网站（一种称为品牌劫持的技术）来传播对抗性叙事。

The latest campaigns are also characterized by the use of advanced obfuscation techniques, including "manipulating social media thumbnails and strategic first and second-stage website redirects to evade detection, and the likely use of generative artificial intelligence (AI) to create inauthentic news articles," the cybersecurity firm said.

最新的活动还以使用高级混淆技术为特征，包括“操纵社交媒体缩略图和战略性的第一和第二阶段网站重定向以逃避检测，以及可能使用生成式人工智能（AI）创建不真实新闻文章”，网络安全公司表示。

The findings demonstrate Doppelgänger's evolving tactics and throw light on the use of AI for information warfare and to produce scalable influence content.

研究结果展示了Doppelgänger不断演变的策略，并揭示了利用AI进行信息战和生产可扩展影响内容的方式。

The campaign targeting Ukraine is said to consist of more than 800 social media accounts, in addition to banking on first and second-stage domains to conceal the true destination. Some of these links also use the Keitaro Traffic Distribution System (TDS) to assess the overall success and effectiveness of the campaign.

据悉，针对乌克兰的活动涉及800多个社交媒体账户，此外还利用第一和第二阶段域来隐藏真正的目的地。其中一些链接还使用Keitaro Traffic Distribution System (TDS)来评估活动的总体成功和效果。

One of the notable aspects of the U.S. and German campaigns is the use of inauthentic media outlets such as Election Watch, MyPride, Warfare Insider, Besuchszweck, Grenzezank, and Haüyne Scherben that publish malign content as original news and opinion outlets.

美国和德国活动的一个显着特点是使用伪造的媒体机构，如选举观察、MyPride、Warfare Insider、Besuchszweck、Grenzezank和Haüyne Scherben等，将恶意内容发布为原创新闻和观点。

"Doppelgänger exemplifies the enduring, scalable, and adaptable nature of Russian information warfare, demonstrating strategic patience aimed at gradually shifting public opinion and behavior," Recorded Future said.

"Doppelgänger展示了俄罗斯信息战的持久性、可扩展性和适应性，展示了渐进转变公共舆论和行为的战略耐心，" Recorded Future表示。

It's worth pointing out that Meta, in its quarterly Adversarial Threat Report published last week, said it also found a new cluster of websites linked to Doppelganger that are geared towards U.S. and European political affairs, such as migration and border security.

值得指出的是，Meta在其上周发布的季度对抗威胁报告中表示，还发现了与Doppelganger相关的一组新网站，专注于美国和欧洲的政治事务，如移民和边境安全。

"Their latest web content appears to have been copy-pasted from mainstream U.S. news outlets and altered to question U.S. democracy and promote conspiratorial themes," Meta said, highlighting Election Watch as one of the U.S.-focused sites.

"他们最新的网络内容似乎已经从主流美国新闻网站复制并修改，以质疑美国民主并推动阴谋论主题，" Meta说，强调选举观察是美国重点关注的网站之一。

"Soon after the Hamas terrorist attack in Israel [in October 2023], we saw these websites begin posting about the crisis in the Middle East as a proof of American decline; and at least one website claimed Ukraine supplied Hamas with weapons."

"在以色列[2023年10月]哈马斯恐怖袭击后不久，我们看到这些网站开始发布有关中东危机的帖子，作为美国衰落的证明；至少有一个网站声称乌克兰向哈马斯提供武器。"

Meta also said it took steps to disrupt three separate covert influence operations – two from China and one from Russia – during the third quarter of 2023 that leveraged fictitious personas and media brands to target audiences in India and the U.S., and share content about Russia's invasion of Ukraine.

Meta还表示，在2023年第三季度，他们采取措施破坏了来自中国的两次和俄罗斯的一次分别利用虚构身份和媒体品牌瞄准印度和美国观众，并分享有关俄罗斯入侵乌克兰的内容的潜在影响行动。

It, however, noted that proactive threat sharing by the federal government in the U.S. related to foreign election interference has been paused since July 2023, cutting off a key source of information that could be valuable to disrupt malicious foreign campaigns by sophisticated threat actors.

然而，它指出，自2023年7月以来，美国联邦政府有关外国干预选举的主动威胁分享已经暂停，切断了对抗复杂威胁行动的有价值信息的关键来源。

原文始发于微信公众号（知机安全）：俄罗斯针对乌克兰、美国和德国的人工智能驱动的虚假信息行动