According to recent reports, a state-sponsored threat group known as CopyCop has been identified by the Insikt Group for its use of generative artificial intelligence (AI) to spread disinformation. This group, believed to be operating from Russia and allegedly connected to the Russian government, specializes in plagiarizing and manipulating content from mainstream media outlets in various countries, including Russia, the United States, the United Kingdom, Ukraine, Israel, and France.
CopyCop’s main strategy involves disseminating their manipulated content through a network of fake websites, primarily in English and French, targeting audiences in the US, UK, and France. Their narratives focus on divisive issues within these countries and align with Russian geopolitical objectives, such as undermining Western policies and eroding support for Ukraine. They have also been observed promoting critical perspectives on Israeli military actions in Gaza and influencing narratives surrounding the 2024 US elections to benefit Republican candidates and criticize the Biden administration.
The operational infrastructure of CopyCop includes a cluster of twelve interconnected websites sharing common elements like TLS certificates, WordPress themes, and hosting infrastructure. They also utilize tools like Matomo for traffic analytics, similar to other Russian state-sponsored influence actors. Recently, CopyCop has expanded its operations to include a self-hosted video-sharing platform and a forum named XposedEm, which aims to expose what they consider “US hypocrisy.”
CopyCop primarily targets audiences in the United States, the United Kingdom, and France to shape narratives and public opinion on domestic issues, election outcomes, and government policies. They also aim to influence perceptions of international conflicts involving Russia, Ukraine, and Israel by presenting perspectives critical of Western positions and supportive of Russian viewpoints.
In terms of attack vectors, CopyCop utilizes tactics such as phishing, social engineering, website compromises, third-party tools exploitation, and content manipulation to further spread their disinformation campaigns. The group operates as a sophisticated network that leverages advanced technology, including generative AI, to create tailored narratives that resonate with specific target audiences while introducing partisan bias in support of Russian interests.
Overall, the operations of CopyCop highlight the growing influence of disinformation campaigns orchestrated by state-sponsored threat groups and the importance of identifying and countering such activities to safeguard the integrity of information and public discourse.