Jul 2024
5m 3s

S03 E06: ShadowDragon OSINT Geopolitics ...

Daniel Clemens from ShadowDragon, LLC
About this episode

ShadowDragon OSINT Geopolitics and More Podcast Summary

Host: Nico Dekens, “The Dutch OSINT Guy” (follow Nico on X: @dutch_osintguy)

Episode Focus: Critical cybersecurity advisory on state-sponsored Russian media using advanced software for foreign malign influence activities.

Key Points Covered:

  1. Introduction:

    • The episode delves into a joint cybersecurity advisory by prominent intelligence and security agencies from the United States, Netherlands, and Canada.
  2. Meliorator AI Software:

    • Russian actors are using covert artificial intelligence software called Meliorator to manipulate social media.
    • The software, employed by Russian state-sponsored media RT, creates fake personas to disseminate disinformation on platforms like X (formerly known as Twitter).
  3. Capabilities of Meliorator:

    • The software can generate numerous realistic social media profiles, mimicking typical user behavior by posting, liking, and sharing content.
    • It amplifies pre-existing false narratives with sophisticated, tailored messages.
  4. Technical Details:

    • Meliorator comprises various components, including Brigadir (administrative panel for managing bots), Taras (back-end software for handling bot identities and actions), and a Mongo database for storing bot identities and automated actions.
    • It avoids detection by using AI-generated profiles, proxy IPs, and alternative user-agent strings to bypass platform verification.
  5. Obfuscation Techniques:

    • Meliorator uses IP obfuscation, authentication bypass, and user-agent manipulation to hide bot activities.
  6. Advisory Recommendations:

    • Social media platforms, especially X, are urged to validate human operation behind accounts, enhance authentication and verification processes, and monitor suspicious user-agent strings.
    • Implement Secure-by-Default settings, including multi-factor authentication (MFA) and other privacy-focused features.
  7. Conclusion:

    • Staying vigilant and informed is crucial to protect against disinformation campaigns.
    • Previous podcasts discussed the abuse of commercially or freely available AI for spreading false narratives, but Meliorator represents a more advanced threat.

Closing Remarks:

  • Nico encourages listeners to stay safe and informed.
  • Listeners are invited to suggest topics for future episodes.

Thank you for tuning in to the ShadowDragon OSINT Geopolitics and More Podcast. See you in the next episode!

Show Notes:
State-Sponsored Russian Media Leverages Meliorator Software for Foreign Malign Influence Activity, found here:
https://www.ic3.gov/Media/News/2024/240709.pdf
