A Russian IoT botnet known as Fronton can use inauthentic coordinated behaviour to launch disinformation trends on social media.
“Trends” on social media platforms are how many people keep updated with what’s going on in the world. There’s growing awareness of not believing everything that’s posted under a trend – especially around developing events like terror attacks – but there’s often an acceptance that it’s trending because enough real people are posting about it.
IoT devices have become the perfect targets for botnets due to their rapid proliferation, often poor security, global distribution, and always-on nature. Such IoT botnets have launched record-breaking DDoS (Distributed Denial of Service) attacks.
Hacktivist group Digital Revolution uncovered the Fronton botnet in March 2020. The group released documents about the botnet after claiming to have hacked a subcontractor of the Federal Security Service of the Russian Federation.
Initial details about the botnet focused on its serious DDoS abilities and resulted in headlines saying that it could “Disconnect the internet in a small country”. However, many missed the release of further documents, images, and a video that revealed its other big capability.
Virginia-based computer security firm Nisos delved deeper into this additional information and found that Fronton includes a web-based dashboard called SANA.
In a blog post, Nisos explained:
“SANA creates social media persona accounts, including provisioning of an email and phone number. In addition, the system provides facilities for creating these newsbreaks on a schedule or a reactive basis.”
The creation of fake social accounts from around the world and using them in a coordinated manner to start trends would be difficult for any social media platform to detect. However, the implications are huge.
We’ve seen disinformation campaigns launched to stoke divisions around topics like COVID-19 and immigration. There are also credible reports they’ve been used to influence democratic processes like elections.
Russia’s unwarranted, barbaric, and illegal invasion of Ukraine has led Sweden and Finland to drop their historic stance of military neutrality and apply to join NATO—fearing they could otherwise be left unprotected if Russia decides to invade other neighbouring countries.
“Russia has said that it will take countermeasures if we join NATO,” Swedish Prime Minister Magdalena Andersson told reporters on May 16. “We cannot rule out that Sweden will be exposed to, for instance, disinformation and attempts to intimidate and divide us.”
Everyone should be vigilant that botnets like Fronton can be used to launch trending disinformation campaigns and that, more than ever, it’s vital to ensure that all information is verified from a trusted source before sharing it or using it to form an opinion.
(Photo by Viktor Talashuk on Unsplash)
Related: Mirai variant ‘Beastmode’ exploits fresh vulnerabilities
Want to learn about the IoT from industry leaders? Check out IoT Tech Expo taking place in Amsterdam, California, and London. The event is also co-located with the Cyber Security & Cloud Expo.
Explore other upcoming enterprise technology events and webinars powered by TechForge here.
I live in Ukraine and am involved in what is happening. It’s true, there is a lot of disinformation coming from Russia and it’s hard to fight it. I hope sanctions can weaken their potential…
I also hope such international efforts will weaken Russia’s ability to carry out (and sustain) both digital and physical attacks. Thanks for reading Illia and stay safe.