Jul 2024
5m 3s

S03 E06: ShadowDragon OSINT Geopolitics ...

Daniel Clemens from ShadowDragon, LLC
About this episode

ShadowDragon OSINT Geopolitics and More Podcast Summary

Host: Nico Dekens, “The Dutch OSINT Guy” (follow Nico on X: @dutch_osintguy)

Episode Focus: Critical cybersecurity advisory on state-sponsored Russian media using advanced software for foreign malign influence activities.

Key Points Covered:

  1. Introduction:

    • The episode delves into a joint cybersecurity advisory by prominent intelligence and security agencies from the United States, Netherlands, and Canada.
  2. Meliorator AI Software:

    • Russian actors are using covert artificial intelligence software called Meliorator to manipulate social media.
    • The software, employed by Russian state-sponsored media RT, creates fake personas to disseminate disinformation on platforms like X (formerly known as Twitter).
  3. Capabilities of Meliorator:

    • The software can generate numerous realistic social media profiles, mimicking typical user behavior by posting, liking, and sharing content.
    • It amplifies pre-existing false narratives with sophisticated, tailored messages.
  4. Technical Details:

    • Meliorator comprises various components, including Brigadir (administrative panel for managing bots), Taras (back-end software for handling bot identities and actions), and a Mongo database for storing bot identities and automated actions.
    • It avoids detection by using AI-generated profiles, proxy IPs, and alternative user-agent strings to bypass platform verification.
  5. Obfuscation Techniques:

    • Meliorator uses IP obfuscation, authentication bypass, and user-agent manipulation to hide bot activities.
  6. Advisory Recommendations:

    • Social media platforms, especially X, are urged to validate human operation behind accounts, enhance authentication and verification processes, and monitor suspicious user-agent strings.
    • Implement Secure-by-Default settings, including multi-factor authentication (MFA) and other privacy-focused features.
  7. Conclusion:

    • Staying vigilant and informed is crucial to protect against disinformation campaigns.
    • Previous podcasts discussed the abuse of commercially or freely available AI for spreading false narratives, but Meliorator represents a more advanced threat.

Closing Remarks:

  • Nico encourages listeners to stay safe and informed.
  • Listeners are invited to suggest topics for future episodes.

Thank you for tuning in to the ShadowDragon OSINT Geopolitics and More Podcast. See you in the next episode!

Show Notes:
State-Sponsored Russian Media Leverages Meliorator Software for Foreign Malign Influence Activity, found here:
https://www.ic3.gov/Media/News/2024/240709.pdf
