RT @snlyngaas: New —> We tied the email addresses reportedly used in non-credible bomb threats on Election Day to a much broader campaign o….

RT @Graphika_NYC: A new report from @CNN featuring exclusive insights from Graphika's @jc_stubbs looks at numerous non-credible bomb threat….

The most fun image & video creation tool in the world is here. Try it for free in the Grok App.

Be watchful. Be wary. But don’t get taken in.

The point is they want our attention. They want to waste our time. And they want our outrage. As @olgs7, @LeeFosterIntel, @RidT, and Gavin Wilde explained so well back in May, it’s how they can claim “impact” - both with the U.S. public and their bosses.

Or the 2022 midterms, when Russian-operated inauthentic accounts theatrically confessed and “apologized” for their actions

Russian IO has a history of this kind of puerile and attention-seeking behavior. Some of us are old enough to remember the heydays of “Peace Data” and “NAEBC” .

What happens when you put all those puzzle pieces together. ? My colleagues at @Graphika_NYC have the answer.

That content has impersonated the FBI, the CIA, and a bunch of media outlets. And a number of the Operation Overload posts have contained a QR code embedded with a cryptic little puzzle piece.

In recent weeks, days, and hours, we’ve seen a steady drumbeat of content seeded by a Russia-linked operation variously known as Operation Overload and Matryoshka. The folks at @antibot4navalny and @CheckFirstHQ have done a great job documenting its activities publicly.

🧩As in previous U.S. election cycles, Russia-linked influence operations have attempted to spread false and inflammatory claims online using deceptive practices. Something else that remains the same: They want our attention and they are trolling us.

RT @DisinfoEU: Many of you read @wapo’s investigation and we want to reiterate that there's no association between us and 'The DisinfoLab',….

@NCSC @Graphika_NYC @DFRLab @CrimeSecurityCU @oiioxford @benimmo @Reddit @Reuters @pearswick @Bing_Chris Importantly for IO folks, this does not mean that Secondary Infektion = the FSB. But it’s one more step forward in what has been a years-long journey of discovery.

@NCSC @Graphika_NYC @DFRLab @CrimeSecurityCU @oiioxford @benimmo @Reddit @Reuters And today we learn those hackers were a group of FSB officers. An actor also known as Callisto Group, SEABORGIUM, or COLDRIVER. @pearswick and @Bing_Chris reported some fascinating details on COLDRIVER earlier this year.

@NCSC @Graphika_NYC @DFRLab @CrimeSecurityCU @oiioxford @benimmo @Reddit Myself and colleagues at @Reuters later reported that the leaked documents were stolen by state-backed Russian hackers from the email inbox of then UK trade minister Liam Fox.

@NCSC @Graphika_NYC @DFRLab @CrimeSecurityCU @oiioxford @benimmo @Reddit And then by the British government .

@NCSC @Graphika_NYC @DFRLab @CrimeSecurityCU @oiioxford @benimmo Our findings were subsequently confirmed by @Reddit.

@NCSC @Graphika_NYC @DFRLab @CrimeSecurityCU @oiioxford What we found, as detailed by @benimmo at the time, was that the way the papers were first seeded and amplified online exactly matched the behavioral fingerprint of a long-standing Russian influence operation called Secondary Infektion.

@NCSC Those leaked papers were widely circulated by the UK Labour Party during the election campaign. Myself and researchers including @Graphika_NYC, @DFRLab, @CrimeSecurityCU, and @oiioxford were the first to ask where they came from .

According to the UK's @NCSC, it was hackers almost certainly subordinate to FSB Centre 18 who stole confidential UK-US trade documents which were then leaked ahead of the election by Russia-linked influence operation Secondary Infektion .

I don’t post much anymore, but today more news dropped in a story I have been following (and reporting) for almost exactly 4 years. It still surprises me how few people are aware, or acknowledge, that Russia targeted the UK 2019 general election with a hack-and-leak operation.