Categories
AI

Facebook removes ‘deepfake’ of Ukrainian President Zelenskyy

On Wednesday, Facebook’s parent company, Meta, removed a deepfake video of Ukrainian President Volodymyr Zelenskyy issuing a statement that he never made, asking Ukrainians to “lay down arms.”

The deepfake appears to have been first broadcasted on a Ukrainian news website for TV24 after an alleged hack, as first reported by Sky News on Wednesday. The video shows an edited Zelenskyy speaking behind a podium declaring that Ukraine has “decided to return Donbas” to Russia and that his nation’s war efforts had failed.

In the video, Zelenskyy’s head is comically larger than in real life and is more pixelated than his surrounding body. The fake voice is much deeper than his real voice as well.

Meta’s head of security policy, Nathaniel Gleicher, put out a tweet thread on Wednesday announcing that the video had been removed from the company’s platforms. “Earlier today, our teams identified and removed a deepfake video claiming to show President Zelensky issuing a statement he never did. It appeared on a reportedly compromised website and then started showing across the internet,” Gleicher said.

Earlier this month, the Ukrainian government issued a statement warning soldiers and civilians to take pause when they encounter videos of Zelenskyy online, especially if he announces a surrender to Russian invasion. In the statement, the Ukrainian Center for Strategic Communications said that the Russian government would likely use deepfakes to convince Ukrainians to surrender.

“Videos made through such technologies are almost impossible to distinguish from the real ones. Be aware – this is a fake! His goal is to disorient, sow panic, disbelieve citizens and incite our troops to retreat,” the statement said. “Rest assured – Ukraine will not capitulate!”

After the deepfake started to circulate across the internet, Zelenskyy posted a video to his official Instagram account debunking the video. “As for the latest childish provocation with advice to lay down arms, I only advise that the troops of the Russian Federation lay down their arms and return home,” he said. “We are at home and defending Ukraine.”

Facebook banned deepfakes and other manipulated videos from its platforms in 2020 ahead of the US presidential election. The policy includes content created by artificial intelligence or machine learning algorithms that could “likely mislead” users.



Repost: Original Source and Author Link

Categories
Security

Hacking group posted fake Ukrainian surrender messages, says Meta in new report

A Belarus-aligned hacking group has attempted to compromise the Facebook accounts of Ukrainian military personnel and posted videos from hacked accounts calling on the Ukrainian army to surrender, according to a new security report from Meta (the parent company of Facebook).

The hacking campaign, previously labeled “Ghostwriter” by security researchers, was carried out by a group known as UNC1151, which has been linked to the Belarusian government in research conducted by Mandiant. A February security update from Meta flagged activity from the Ghostwriter operation, but since that update, the company said that the group had attempted to compromise “dozens” more accounts, although it had only been successful in a handful of cases.

Where successful, the hackers behind Ghostwriter had been able to post videos that appeared to come from the compromised accounts, but Meta said that it had blocked these videos from being shared further.

The spreading of fake surrender messages has already been a tactic of hackers who compromised television networks in Ukraine and planted false reports of a Ukrainian surrender into the chyrons of live broadcast news. Though such statements can quickly be disproved, experts have suggested that their purpose is to erode Ukrainians’ trust in media overall.

The details of the latest Ghostwriter hacks were published in the first installment of Meta’s quarterly Adversarial Threat Report, a new offering from the company that builds on a similar report from December 2021 that detailed threats faced throughout that year. While Meta has previously published regular reports on coordinated inauthentic behavior on the platform, the scope of the new threat report is wider and encompasses espionage operations and other emerging threats like mass content reporting campaigns.

Besides the hacks against military personnel, the latest report also details a range of other actions conducted by pro-Russian threat actors, including covert influence campaigns against a variety of Ukrainian targets. In one case from the report, Meta alleges that a group linked to the Belarusian KGB attempted to organize a protest event against the Polish government in Warsaw, although the event and the account that created it were quickly taken offline.

Although foreign influence operations like these make up some of the most dramatic details of the report, Meta says that it has also seen an uptick in influence campaigns conducted domestically by repressive governments against their own citizens. In a conference call with reporters Wednesday, Facebook’s president for global affairs, Nick Clegg, said that attacks on internet freedom had intensified sharply.

“While much of the public attention in recent years has been focused on foreign interference, domestic threats are on the rise globally,” Clegg said. “Just as in 2021, more than half the operations we disrupted in the first three months of this year targeted people in their own countries, including by hacking people’s accounts, running deceptive campaigns and falsely reporting content to Facebook to silence critics.”

Authoritarian regimes generally looked to control access to information in two ways, Clegg said: firstly by pushing propaganda through state-run media and influence campaigns, and secondly by trying to shut down the flow of credible alternative sources of information.

Per Meta’s report, the latter approach has also been used to restrict information about the Ukraine conflict, with the company removing a network of around 200 Russian-operated accounts that engaged in coordinated reporting of other users for fictitious violations, including hate speech, bullying, and inauthenticity, in an attempt to have them and their posts removed from Facebook.

Echoing an argument taken from Meta’s lobbying efforts, Clegg said that the threats outlined in the report showed “why we need to protect the open internet, not just against authoritarian regimes, but also against fragmentation from the lack of clear rules.”

Repost: Original Source and Author Link

Categories
Security

Microsoft seized Russian domains targeting Ukrainian media organizations

Microsoft seized seven domains belonging to Strontium, also known as Fancy Bear or APT28, a Russian hacking group with ties to the country’s military intelligence agency, the company announced in a blog post (via TechCrunch). According to Microsoft, Russian spies used these sites to target Ukrainian media outlets, as well as foreign policy think tanks and government institutions located in the US and the European Union.

Microsoft obtained a court order to take control of each domain on April 6th. It then redirected them to a sinkhole, or a server used by cybersecurity experts to capture and analyze malicious connections. The company says it has seized over 100 domains controlled by Fancy Bear before this most recent takedown.

“We believe Strontium was attempting to establish long-term access to the systems of its targets, provide tactical support for the physical invasion and exfiltrate sensitive information,” Tom Burt, Microsoft’s corporate vice president of customer security and trust said in the post. “We have notified Ukraine’s government about the activity we detected and the action we’ve taken.”

This particular hacking group has a long history of attempting to interfere with both Ukraine and the US. Fancy Bear was linked to cyberattacks on the Democratic National Committee in 2016 and targeted the US election in 2020.

Russia’s invasion of Ukraine has only exacerbated cyberattacks by Fancy Bear and other bad actors. Last month, Google said Fancy Bear and Belarusian hacking group Ghostwriter carried out a phishing attack targeting Ukrainian officials and members of the Polish military. Russian state-sponsored hackers have also been accused of hacking into a European satellite service at the start of Russia’s invasion of Ukraine, as well as targeting US defense contractors in February. It’s unclear whether Fancy Bear was behind either attack.

Repost: Original Source and Author Link