A pro-Chinese group has been spotted circulating videos on social media to discourage Americans from voting in the midterm elections, according to cybersecurity firm Mandiant.
Mandiant today published a new report on the group, dubbed Dragonbridge, and its recent activities to spread disinformation. This included publishing a video that focused on discrediting the US democratic system at a time when the country remains bitterly divided.
“The video asserted that ‘the solution to America's ills is not to vote for someone,’ but rather to ‘root out this ineffective and incapacitated system,’” Mandiant said. “Narratives in the video also cast doubt on the productivity of US lawmakers and of the legislative process in having a tangible impact on Americans’ lives.”
The same video also claimed that "political infighting, partisanship, polarization, and division had become fundamental aspects of American democracy,” while frequenting mention the term “civil war,” according to the security firm.
Since 2019, Mandiant—now owned by Google—has been tracking Dragonbridge, which operates via thousands of fake social media accounts. The latest disinformation from the group shows Dragonbridge has grown more “aggressive” in its effort to sow discord in the US, the company added.
However, Mandiant says Dragonbridge has failed to gain traction among the American public. The posted social media content from the group has also since been taken down. Still, Mandiant says the group continues to be worth monitoring due to Dragonbridge’s persistence and its ability to quickly pump out the disinformation.
In addition, Dragonbridge has been spotted trying to mislead people into believing a Chinese hacking group, dubbed APT41 or Winnti, actually comes from the US. The group did so by plagiarizing an article from the Hong Kong-based news outlet, Sing Tao Daily, about APT41, and then altering the article to claim the hacking group was a US government operation.
The group’s fake accounts on Twitter then amplified the claim by saying APT41 has been carrying out cybercrime on the behalf of the US. On top of all this, Dragonbridge also created at least eight fake accounts on Twitter that tried to impersonate Intrusion Truth, a group of analysts that focus on exposing Chinese state-sponsored hackers.
“Separate Dragonbridge accounts have also replied to tweets posted by the original Intrusion Truth, questioning the veracity of the group’s information while highlighting alleged malicious US cyber activities,” Mandiant said. “Such posts demonstrate that Dragonbridge is aware of and responsive to Intrusion Group messaging.”
In an email, Mandiant said it linked the social media activity to Dragonbridge by looking at factors such as "appropriated profile photos, identical/similar content" along with overlap between newly-identified accounts and accounts previously identified as belonging to the group.