Fronton botnet can launch trending disinformation campaigns

Ryan Daws is a senior editor at TechForge Media with over a decade of experience in crafting compelling narratives and making complex topics accessible. His articles and interviews with industry leaders have earned him recognition as a key influencer by organisations like Onalytica. Under his leadership, publications have been praised by analyst firms such as Forrester for their excellence and performance. Connect with him on X (@gadget_ry) or Mastodon (

A Russian IoT botnet known as Fronton can use inauthentic coordinated behaviour to launch disinformation trends on social media.

“Trends” on social media platforms are how many people keep updated with what’s going on in the world. There’s growing awareness of not believing everything that’s posted under a trend – especially around developing events like terror attacks – but there’s often an acceptance that it’s trending because enough real people are posting about it.

IoT devices have become the perfect targets for botnets due to their rapid proliferation, often poor security, global distribution, and always-on nature. Such IoT botnets have launched record-breaking DDoS (Distributed Denial of Service) attacks.

Hacktivist group Digital Revolution uncovered the Fronton botnet in March 2020. The group released documents about the botnet after claiming to have hacked a subcontractor of the Federal Security Service of the Russian Federation.

Initial details about the botnet focused on its serious DDoS abilities and resulted in headlines saying that it could “Disconnect the internet in a small country”. However, many missed the release of further documents, images, and a video that revealed its other big capability.

Virginia-based computer security firm Nisos delved deeper into this additional information and found that Fronton includes a web-based dashboard called SANA.

In a blog post, Nisos explained:

“SANA creates social media persona accounts, including provisioning of an email and phone number. In addition, the system provides facilities for creating these newsbreaks on a schedule or a reactive basis.”

The creation of fake social accounts from around the world and using them in a coordinated manner to start trends would be difficult for any social media platform to detect. However, the implications are huge.

We’ve seen disinformation campaigns launched to stoke divisions around topics like COVID-19 and immigration. There are also credible reports they’ve been used to influence democratic processes like elections.

Russia’s unwarranted, barbaric, and illegal invasion of Ukraine has led Sweden and Finland to drop their historic stance of military neutrality and apply to join NATO—fearing they could otherwise be left unprotected if Russia decides to invade other neighbouring countries.

“Russia has said that it will take countermeasures if we join NATO,” Swedish Prime Minister Magdalena Andersson told reporters on May 16. “We cannot rule out that Sweden will be exposed to, for instance, disinformation and attempts to intimidate and divide us.”

Everyone should be vigilant that botnets like Fronton can be used to launch trending disinformation campaigns and that, more than ever, it’s vital to ensure that all information is verified from a trusted source before sharing it or using it to form an opinion.

(Photo by Viktor Talashuk on Unsplash)

Related: Mirai variant ‘Beastmode’ exploits fresh vulnerabilities

Want to learn about the IoT from industry leaders? Check out IoT Tech Expo taking place in Amsterdam, California, and London. The event is also co-located with the Cyber Security & Cloud Expo.

Explore other upcoming enterprise technology events and webinars powered by TechForge here.

Tags: , , , , , , , , , ,

View Comments
Leave a comment

2 comments on “Fronton botnet can launch trending disinformation campaigns

  1. Illia Kyselov on

    I live in Ukraine and am involved in what is happening. It’s true, there is a lot of disinformation coming from Russia and it’s hard to fight it. I hope sanctions can weaken their potential…

    • Ryan Daws on

      I also hope such international efforts will weaken Russia’s ability to carry out (and sustain) both digital and physical attacks. Thanks for reading Illia and stay safe.


Leave a Reply

Your email address will not be published. Required fields are marked *