Skip to content

Search the site

Chinese hackers using fake profiles to sow chaos in US

Threat actors in China have been using fake profiles and AI engines to generate inflammatory content around major news and election events in the US

Microsoft says it has observed Chinese state-backed threat actors using phony social media profiles to rile up voters ahead of the US election.

The Redmont software giant said it had observed what it termed "deceptive social media accounts" that were associated with the Chinese Communist Party trying to stir up anger amongst users in the States.

According to Microsoft, the aim of the campaign may not be to simply sow chaos, but could in fact be an effort to test the waters for a more extensive campaign set to take place later in the year.

"Deceptive social media accounts by Chinese Communist Party (CCP)-affiliated actors have started to pose contentious questions on controversial US domestic issues to better understand the key issues that divide US voters," explained Microsoft threat analysis center general manager Clint Watts.

"This could be to gather intelligence and precision on key voting demographics ahead of the US presidential election."

Microsoft researchers also note that the disinformation campaigns are not solely the doing of human actors. The team believes that CCP-backed threat actors are also using AI to help generate content related to conspiracy theories about major news events in the US.

"There has been an increased use of Chinese AI-generated content in recent months, attempting to influence and sow division in the US and elsewhere on a range of topics including: the train derailment in Kentucky in November 2023, the Maui wildfires in August 2023, the disposal of Japanese nuclear wastewater, drug use in the U.S. as well as immigration policies and racial tensions in the country," Watts noted.

It is not just China who has been more active in recent months. Microsoft also noted that North Korea continues to be active as well. Despite recent volatility in the market, Microsoft says that the hermit kingdom continues to target cryptocurrencies as a way to skirt financial sanctions.

"North Korea continued to prioritize the theft of cryptocurrency funds, conducting software supply-chain attacks and targeting their perceived national security adversaries," Watts explained.

"This is likely to generate revenue, principally for its weapons program, in addition to collecting intelligence on the United States, South Korea, and Japan."