iTnews

Covert Iranian social info ops campaign shuttered

By Juha Saarinen on Aug 22, 2018 11:18AM
Covert Iranian social info ops campaign shuttered

Whole lotta coordinated inauthentic behaviour going on.

A joint investigation by social network Facebook and security vendor FireEye has unveiled a large online propaganda campaign promoting Iranian political interests via social media.

In total, Facebook said it had removed 652 pages on its network and on social image and video sharing site Instagram that it said originated in Iran, and were responsible for coordinated inauthentic behaviour, targeting people in the Middle East, Latin America, United Kingdom and the United States.

Accounts set up on Facebook and Instagram by "Liberty Front Press", a bogus media organisation run from Iran, had tens of thousands of followers. In one case, a Middle East politics page had 813,000 accounts follow it.

The Iranians spent over US$12,000 (A$16,300) on Facebook and Instagram ads as well. These were paid for in US and Australian dollars, along with Turkish lira and Indian rupees, Facebook said.

Liberty Front Press has been active on other social media sites too, including Twitter, Google Plus and YouTube, with thousands of messages posted, a report FireEye shared with iTnews showed.

FireEye discovered that US Journal, described as a "genuinely independent online media outlet" used a phone number with the Iranian +98 country code on its Twitter account.

One journalist listed as a writer on US Journal appears to be genuine and exist, FireEye said.

However, two others, "Elizabeth Tacher" (@BethTacher on Twitter) and "Liam Jay Campbell" (@LiamJayCampbel1) appear to be fabricated personas with profile pictures taken from actors and stock photo libraries.

FireEye also discovered what appears to be a fake non-governmental organisation, "Real Progressive Front" that claimed to employ the same individuals as US Journal, and "The British Left" site which also passes itself off as an NGO.

Targeting Latin American web users, the Iranians set up a site for "Instituto Manquehue" that claimed to be an independent civic organisation but which used an email for the domain registration found on another site promoting Shia Islam.

The themes promoted were pro-Iranian and pro-Palestinian views, and support for UK Labour Party leader Jeremy Corbyn.

American president Donald Trump, who pulled his country out of the nuclear anti-proliferation deal with Iran, was attacked by the social media accounts. 

US senator Bernie Sanders who sought nomination as the Democratic Party's presidential candidate in 2016, was also targettted by the Iranian social media accounts.

They also promoted anti-Israel and anti-Saudi Arabia themes, as the two countries are Iran's main adversaries in the Middle East.

FireEye noted that the accounts were active during the Iranian working week, tweeted topics relevant to the country and used hashtags such as #Arbaeen, referring to a Shiite religious holiday, FireEye said.

Asides from using Iranian +98 phone numbers, the accounts also posted from internet protoocol addresses allocated to networks in the Middle Eastern country, FireEye said.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:
facebook fake news fireeye iran russia saudi arabia security

Partner Content

Shut the door on ransomware
Promoted Content Shut the door on ransomware
One way SD-WAN can save business leaders' time
Partner Content One way SD-WAN can save business leaders' time
As Australian companies lean more heavily on the cloud, edge security is finding its stride
Partner Content As Australian companies lean more heavily on the cloud, edge security is finding its stride
Tackling cybersecurity in 2021
Partner Content Tackling cybersecurity in 2021

Sponsored Whitepapers

The top 5 tech trends to deliver business outcomes
The top 5 tech trends to deliver business outcomes
10 reasons why businesses need to invest in cloud security training
10 reasons why businesses need to invest in cloud security training
Your guide to application security solutions
Your guide to application security solutions
State of Software Security: Open Source Edition
State of Software Security: Open Source Edition
Five questions to ask before you upgrade to a SIEM solution
Five questions to ask before you upgrade to a SIEM solution

Events

  • On-Demand Webinar: How Poly and Microsoft are Embracing Future Work Environments
  • [iTnews and Micro Focus] Navigating the cloud modernisation minefield
By Juha Saarinen
Aug 22 2018
11:18AM
0 Comments

Related Articles

  • Twitter reveals purges of state-sponsored threat actors
  • Biden's options for Russian hacking punishment: sanctions, cyber retaliation
  • FireEye, GoDaddy and Microsoft flick SolarWinds SUNBURST 'killswitch'
  • Facebook suspends fake Russian accounts, warns of US election hack-and-leak threat
Share on Twitter Share on Facebook Share on LinkedIn Share on Whatsapp Email A Friend

Most Read Articles

TPG Telecom to start enticing NBN customers to move

TPG Telecom to start enticing NBN customers to move

Infosys scores another $40m for Centrelink payments engine build

Infosys scores another $40m for Centrelink payments engine build

Telstra InfraCo opens up telco's own fibre network

Telstra InfraCo opens up telco's own fibre network

Transport for NSW data stolen in Accellion breach

Transport for NSW data stolen in Accellion breach

You must be a registered member of iTnews to post a comment.
Log In | Register
All rights reserved. This material may not be published, broadcast, rewritten or redistributed in any form without prior authorisation.
Your use of this website constitutes acceptance of nextmedia's Privacy Policy and Terms & Conditions.