“US Seizes Russian AI Bot Farm Domains, Disrupts Disinformation”

An official website of the United States government

The Justice Department has announced a significant breakthrough in the ongoing battle against foreign disinformation campaigns. Today, two domain names were seized, and 968 social media accounts were searched. These accounts were used by Russian actors to establish an AI-enhanced social media bot farm that disseminated disinformation both in the United States and internationally. The social media bot farm utilized advanced AI to create fictitious social media profiles, often masquerading as Americans, to spread messages supporting Russian government objectives. This information comes from affidavits unsealed today.

Introduction

In today’s digital age, the spread of disinformation has become a significant concern for governments worldwide. With the advent of advanced technologies such as artificial intelligence (AI), malicious actors have found new ways to manipulate public opinion and destabilize societies. One such instance involves Russian actors creating an AI-enhanced social media bot farm to spread disinformation in the United States and abroad. This article delves into the Justice Department’s recent actions to disrupt this operation and provides an in-depth analysis of the technology and strategies employed by these actors.

The Justice Department’s latest move against foreign disinformation campaigns marks a critical step in the ongoing battle to protect democratic institutions and public trust. By seizing two domain names and searching 968 social media accounts, the department has taken a significant stride towards mitigating the impact of these malicious activities. This article will explore the details of this operation, the technology behind the bot farm, and the collaborative efforts between various international partners to combat this threat.

The Justice Department’s Operation

Seizure of Domain Names and Social Media Accounts

The Justice Department’s operation involved the seizure of two domain names and the search of 968 social media accounts. These accounts were part of a sophisticated AI-enhanced social media bot farm used by Russian actors to spread disinformation. The bot farm created fictitious social media profiles, often posing as Americans, to promote messages aligning with Russian government objectives.

• Domain Names Seized: The two domain names seized by the FBI were “mlrtr.com” and “otanmail.com.” These domains were used to create private email servers, which facilitated the registration of fictitious social media accounts.
• AI-Enhanced Bot Farm: The bot farm leveraged AI technologies to generate realistic social media profiles, including images and text. These profiles were then used to disseminate disinformation on a large scale.

According to affidavits unsealed today, the bot farm’s creators used advanced AI systems to generate realistic social media profiles, which were then used to promote Russian government narratives. This operation is part of a broader strategy by the Russian government to influence public opinion and destabilize democracies worldwide.

Collaborative Efforts

The operation was a collaborative effort involving multiple international partners, including the FBI, the Cyber National Mission Force (CNMF), the Canadian Centre for Cyber Security (CCCS), the Netherlands General Intelligence and Security Service (AIVD), the Netherlands Military Intelligence and Security Service (MIVD), and the Netherlands Police. These agencies released a joint cybersecurity advisory detailing the technology behind the social media bot farm and providing guidelines for social media platforms and researchers to identify and prevent further misuse of the technology.

• International Collaboration: The operation involved close cooperation between U.S. and international agencies, highlighting the importance of global partnerships in combating cyber threats.
• Cybersecurity Advisory: The joint advisory aims to equip social media platforms and researchers with the knowledge needed to detect and prevent similar disinformation campaigns in the future.

The advisory provides a comprehensive overview of the technology used in the bot farm, including the AI systems employed to generate fictitious profiles. It also offers recommendations for social media platforms to enhance their detection and prevention mechanisms.

Statements from Key Officials

Attorney General Merrick B. Garland emphasized the significance of this operation in disrupting a Russian-government-backed, AI-enabled propaganda campaign. He stated, “As the Russian government continues to wage its brutal war in Ukraine and threatens democracies around the world, the Justice Department will continue to deploy all of our legal authorities to counter Russian aggression and protect the American people.”

Deputy Attorney General Lisa Monaco highlighted the Justice Department’s commitment to combating the criminal misuse of AI. She said, “As malign actors accelerate their criminal misuse of AI, the Justice Department will respond and we will prioritize disruptive actions with our international partners and the private sector.”

FBI Director Christopher Wray underscored the importance of this disruption, stating, “Russia intended to use this bot farm to disseminate AI-generated foreign disinformation, scaling their work with the assistance of AI to undermine our partners in Ukraine and influence geopolitical narratives favorable to the Russian government.”

U.S. Attorney Gary Restaino for the District of Arizona expressed support for civic engagement and civil dialogue, emphasizing that these ideas should be generated by Americans for Americans. He noted that the disruption protects citizens from those who seek to mislead communities through unlawful means.

Acting U.S. Attorney Morris Pasqual for the Northern District of Illinois highlighted the combined response from international partners to address this unique threat. He praised the collaborative efforts that led to the successful disruption of the bot farm.

Overview of the Bot Farm

What is a Bot Farm?

A bot farm is an enhanced software package that allows the creation of false personas on social media platforms. These bot farms integrate components of artificial intelligence, such as image production and text generation, to create realistic profiles that can be used to disseminate information on a large scale.

• AI Integration: The bot farm utilized AI technologies to generate realistic social media profiles, including images and text. This made the fictitious profiles appear more authentic and credible.
• Mass Dissemination: The bot farm was capable of creating and managing a large number of social media accounts, allowing for the widespread dissemination of disinformation.

The affidavits filed in support of the warrants provide detailed insights into the development and operation of the bot farm. The operation was organized by an individual identified in Russia, referred to as Individual A.

Development and Operation

The development of the social media bot farm was spearheaded by Individual A, who worked as the deputy editor-in-chief at RT, a state-run Russian news organization based in Moscow. Since at least 2022, RT leadership sought alternative means for distributing information beyond traditional television broadcasts. In response, Individual A led the development of software capable of creating and operating a social media bot farm.

• Leadership Role: Individual A played a pivotal role in the development of the bot farm, leveraging their position at RT to advance the project.
• Alternative Distribution: The bot farm was developed as an alternative means for distributing information, allowing RT and other operators to reach a broader audience through social media.

The development was executed by Individual B and others, who concealed their identities and location (Russia) while acquiring the necessary infrastructure for the bot farm. In April 2022, they began purchasing the infrastructure needed to create and operate the bot farm.

In early 2023, with approval and financial support from the Presidential Administration of Russia (the Kremlin), a Russian FSB officer (referred to as FSB Officer 1) created and led a private intelligence organization (P.I.O.). The P.I.O. included employees from RT, including Individual A. The true purpose of the P.I.O. was to advance the mission of the FSB and the Russian government by spreading disinformation through the social media accounts created by the bot farm.

• FSB Involvement: The involvement of the FSB and the Kremlin underscores the state-sponsored nature of the bot farm operation.
• Private Intelligence Organization: The creation of the P.I.O. highlights the strategic approach taken by the Russian government to leverage private entities for disinformation campaigns.

Examples of Disinformation Campaigns

The affidavits provide examples of the Russian-government narratives that the bot farm posted on X (formerly Twitter) in October and November 2023. These narratives were designed to promote geopolitical narratives favorable to the Russian government and undermine support for Ukraine.

• Geopolitical Narratives: The disinformation campaigns focused on promoting narratives that aligned with Russian government objectives, including undermining support for Ukraine.
• AI-Generated Content: The bot farm used AI-generated content to make the disinformation appear more credible and persuasive.

The bot farm relied on private email servers, which were created using the seized domain names, to register the fictitious social media accounts. This allowed the actors to bypass traditional verification mechanisms and create a large number of fake profiles.

Violations and Legal Implications

The FSB’s use of U.S.-based domain names to register the bots violated the International Emergency Economic Powers Act. Additionally, the accompanying payments for the infrastructure violated federal money laundering laws.

• Legal Violations: The use of U.S.-based domain names and the associated financial transactions constituted violations of federal laws, including the International Emergency Economic Powers Act and federal money laundering statutes.
• Law Enforcement Response: The Justice Department’s actions demonstrate a robust response to these violations, including the seizure of domain names and the search of social media accounts.

The Justice Department commended members of the private sector who coordinated with law enforcement efforts on this disruption, including X for its voluntary efforts to suspend the identified bot accounts. Prior to the government’s action, X identified and suspended a significant number of the bot accounts.

• Private Sector Collaboration: The cooperation between law enforcement and private sector entities, such as X, played a crucial role in the successful disruption of the bot farm.
• Proactive Measures: X’s proactive measures to identify and suspend bot accounts highlight the importance of vigilance and collaboration in combating disinformation.

Ongoing Investigation

The Justice Department’s investigation into the bot farm and its operators is ongoing. The National Security Division’s National Security Cyber Section, the U.S. Attorney’s Office for the District of Arizona, and the U.S. Attorney’s Office for the Northern District of Illinois are prosecuting the case, with valuable assistance from the National Security Division’s Counterintelligence and Export Control Section.

• Multi-Agency Collaboration: The ongoing investigation involves multiple agencies and highlights the importance of a coordinated approach to addressing complex cyber threats.
• Prosecution Efforts: The involvement of various prosecutorial offices underscores the seriousness of the offenses and the commitment to holding those responsible accountable.

Recent Developments

In related news, Nikolay Goltsev, 38, of Montreal, and Salimdzhon Nasriddinov, 53, of Brooklyn, New York, pleaded guilty to conspiracy to commit export control violations for their roles in a global procurement network. This network was involved in circumventing U.S. export control laws to obtain sensitive technologies for foreign entities.

• Export Control Violations: The guilty pleas highlight the broader context of international efforts to circumvent U.S. laws and obtain sensitive technologies.
• Global Procurement Network: The involvement of individuals in a global procurement network underscores the complexity and reach of such operations.

Douglas Edward Robertson, 56, of Olathe, Kansas, the former vice president of KanRus Trading Company Inc., also pleaded guilty to his role in a years-long conspiracy to circumvent U.S. export control laws.

• Conspiracy Charges: The guilty plea of Douglas Edward Robertson further illustrates the ongoing efforts to enforce U.S. export control laws and hold violators accountable.
• Years-Long Conspiracy: The duration of the conspiracy highlights the persistence and determination of those involved in circumventing U.S. laws.

In another significant development, the former president of Honduras, Juan Orlando Hernández, 55, also known as JOH, was sentenced to 540 months in prison and 60 months of supervised release for cocaine importation and related offenses.

• High-Profile Sentencing: The sentencing of a former head of state underscores the seriousness of the charges and the commitment to enforcing international drug trafficking laws.
• International Impact: The case highlights the global reach of U.S. law enforcement efforts and the importance of international cooperation in combating transnational crime.

FAQs

What is a social media bot farm?

A social media bot farm is a sophisticated software system that creates and manages large numbers of fake social media profiles. These profiles are often used to spread disinformation and manipulate public opinion.

How do AI-enhanced bot farms work?

AI-enhanced bot farms leverage artificial intelligence technologies to generate realistic social media profiles, including images and text. These profiles are then used to disseminate disinformation on a large scale.

What were the two domain names seized by the FBI?

The FBI seized the domain names “mlrtr.com” and “otanmail.com.” These domains were used to create private email servers, which facilitated the registration of fictitious social media accounts.

What legal violations were committed by the operators of the bot farm?

The operators of the bot farm violated the International Emergency Economic Powers Act by using U.S.-based domain names to register the bots. They also violated federal money laundering laws through the accompanying financial transactions.

What are the implications of the Justice Department’s actions?

The Justice Department’s actions demonstrate a robust response to foreign disinformation campaigns and highlight the importance of international collaboration in combating cyber threats. The seizure of domain names and the search of social media accounts aim to disrupt the operations of malicious actors and protect democratic institutions.

What role did the private sector play in this operation?

The private sector, including X (formerly Twitter), played a crucial role in the successful disruption of the bot farm. X voluntarily suspended identified bot accounts and collaborated with law enforcement efforts to mitigate the impact of the disinformation campaign.

Conclusion

The Justice Department’s recent actions represent a significant milestone in the ongoing battle against foreign disinformation campaigns. By seizing domain names and searching social media accounts, the department has taken a decisive step towards disrupting a sophisticated AI-enhanced social media bot farm operated by Russian actors. This operation underscores the importance of international collaboration, the critical role of the private sector, and the need for robust legal frameworks to combat cyber threats. As the investigation continues, the Justice Department remains committed to protecting democratic institutions and safeguarding public trust from the malicious activities of state-sponsored actors.