The Russian FSB has allegedly procured a sophisticated botnet that can launch harmful DDoS attacks and manipulate trending social media topics across all platforms. These findings are from a report following security experts’ analysis of documents stolen from a Russian government contractor previously victimised by the ‘Digital Revolution’ hacktivist group in March 2020.
From the analysis, researchers explained that the documents obtained by the hacktivist group had focused on the botnet dubbed Fronton, which can shut down a small country’s internet access. However, based on an in-depth study, the botnet’s primary feature is to deploy coordinated massive cyberattacks.
Fronton botnet’s system allows its users to formulate and arrange internet trending topics on a wide scale through fake social media accounts or bots.
As explained by the analysts, the botnet’s system creates these events called ‘newsbreaks’ via a SANA dashboard. The dashboard is utilised for creating fake social media accounts and provides the creation of newsbreaks or trending topics based on schedule or reactions.
Analysts link the reports regarding the discovered botnet with cybercriminal groups and hackers such as Pavel Sitnikov, who was associated with the APT28 threat group. These allegations come from an assessment that the hacker is an expert on the Fronton botnet’s infrastructure and functionalities.
Furthermore, the ‘Digital Revolution’ hacktivist group also released a demo video of how the SANA dashboard works, including how they customised it per whichever social media platform, such as Facebook and Twitter. The operators of SANA can also configure the reactions and comments done by bot accounts and the other activities they could do to manipulate events online.
Mainly focusing on its ‘newsbreak’ feature, its operators can easily create buzz online on any topics of interest, alongside how the bot users react. All the interactions that the bots can do are programmed through the dashboard, including patterned responses based on time intervals.
Security experts and social media firms worldwide have long observed the widespread inauthentic behaviour they detect on online platforms, including the prevalence of fake user accounts utilised for political propaganda on all sides of the world.
