Ukraine seized a bot farm consisting of over 1 million malicious bots

August 11, 2022

A massive bot farm that contained approximately 1 million bots for disseminating disinformation on social media platforms was taken down by the Ukrainian cyber police.

Based on reports, the objective of the massive bot farm was to discredit information from official Ukrainian state sources in order to destabilise the social situation. The cyber police noted that the threat actors deployed these bots to incite internal strife amongst Ukrainians.

The messages distributed by the malicious bots favoured Russian propaganda. Hence, several analysts claimed that the bots spreading disinformation came from members of the Russian special services.

Additionally, the Ukrainian special police force investigation identified the leader of the criminal group that deployed the bots. According to the analysis, the head of the attack is a Russian political expert who stayed in Kyiv for several years.

The leader is also in charge of organising malicious activities against Ukraine. He led these attacks from inside Ukrainian territory, under the radar of domestic political forces.

The organiser of the attack contacted the current MP and a member of the closely related leaders of the state.

As of now, the Ukrainian police force's investigation is still active and has yet to uncover the identities of the other participants in the disinformation operation. If the police identify these actors, they will be charged with violating Article 361.2 of the Ukrainian criminal code.

The bot farm was based in Kyiv and two more towns, which was crucial for the country.

The bot farm taken down by Ukraine’s police force was situated in three cities, Kyiv, Vinnytsia, and Kharkiv. The threat actors relied heavily on these bots to distribute disinformation among citizens.

Moreover, the adversaries used about 5,000 SIM cards to register accounts on several social media platforms and build an online army against Ukraine. Additionally, the threat operators utilised 20 servers that impersonated legitimate IP addresses and bypassed detection of fraudulent activity. They also used proxy servers to avoid being blocked by social networking sites.
