Meta fights sprawling Chinese 'Spamouflage' operation

Meta on Tuesday said it purged thousands of Facebook accounts that were part of a widespread online Chinese spam operation trying to covertly boost China and criticize the West.

The campaign, which became known as "Spamouflage", was active across more than 50 platforms and forums including Facebook, Instagram, TikTok, YouTube and X, formerly known as Twitter, according to a Meta threat report.

"We assess that it's the largest, though unsuccessful, and most prolific covert influence operation that we know of in the world today," said Meta Global Threat Intelligence Lead Ben Nimmo.

"And we've been able to link Spamouflage to individuals associated with Chinese law enforcement."

More that 7,700 Facebook accounts along with 15 Instagram accounts were jettisoned in what Meta described as the biggest ever single takedown action at the tech giant's platforms.

"For the first time we've been able to tie these many clusters together to confirm that they all go to one operation," Nimmo said.

The network typically posted praise for China and its Xinjiang province and criticisms of the United States, Western foreign policies, and critics of the Chinese government including journalists and researchers, the Meta report says.

The initiative originated from China and its scope encompassed Taiwan, the United States, Australia, Britain, Japan, as well as global audiences that communicate in Chinese.

Facebook or Instagram accounts or pages identified as part of the "large and prolific covert influence operation" were taken down for violating Meta rules against coordinated deceptive behavior on its platforms.

Meta's team said the network seemed to garner scant engagement, with viewer comments tending to point out bogus claims.

Clusters of fake accounts were run from various parts of China, with the cadence of activity strongly suggesting groups working from an office with daily job schedules, according to Meta.

'DOPPELGANGER'

Some tactics used in China were similar to those of a Russian online deception network exposed in 2019, which suggested the operations might be learning from one another, according to Nimmo.

Meta's threat report also provided analysis of the Russian influence campaign called Doppelganger, which was first disrupted by the security team a year ago.

The core of the operation was to mimic websites of mainstream news outlets in Europe and post bogus stories about Russia's war on Ukraine, then try to spread them online, said Meta head of security policy Nathaniel Gleicher.

Companies involved in the campaign were recently sanctioned by the European Union.

Meta said Germany, France and Ukraine remained the most targeted countries overall, but that the operation had added the United States and Israel to its list of targets.

This was done by spoofing the domains of major news outlets, including the Washington Post and Fox News.

Gleicher described Doppelganger, which is intended to weaken support of Ukraine, as the largest and most aggressively persistent influence operation from Russia that Meta has seen since 2017.