Doppelgänger NG | Russian Cyberwarfare campaign

ClearSky Cyber Security and SentinelLabs have discovered a new wave of a Russian information warfare campaign, named Doppelgänger NG. “Doppelgänger” (meaning spirit double, an exact but usually invisible replica) is a global information warfare campaign that publishes false information on hundreds of fake websites and social media channels.
Our research revealed that “Doppelgänger NG” is again fully operational in 2024, using new infrastructure. Furthermore, we found a link between the “Doppelgänger NG” campaign and the Russian cyber espionage group APT28.

Key findings:

  • New infrastructure used by “Doppelgänger NG”.
  • We discovered a potential link between APT28 and the “Doppelgänger NG” campaign.
  • The “Doppelgänger NG” campaign has expanded its victims list, including new targets in the US, Germany, Israel, and France.
  • The “Doppelgänger NG” network contains more than 150 domains, including news feeds
    relevant to five countries (United States, Israel, France, Germany, Ukraine).

Doppelgänger report

Doppelgänger IoCs file

SentinelLabs report

Article Link: https://www.clearskysec.com/dg/