- Check Point Research warns Russia and other nation‑states are running large‑scale disinformation campaigns ahead of the US midterms
- Operations include phishing sites, fake donation portals, and Doppelganger clones of major outlets
- Midterm elections are scheduled for November this year
Russia (and probably other nation-states, as well) is actively trying to influence US Midterm elections scheduled to take place in November this year. This is according to a new report from cybersecurity researchers Check Point Research, who said they saw more than 5,000 election-themed websites pop up since January this year.
“In this new era of AI-powered disinformation, the goal is often not to change vote counts directly, but to convince voters that truth itself is difficult to verify,” the researchers said. In other words, these hackers are not targeting the machines that count the votes, but rather humans casting them, influencing them and thus changing the outcome of the elections.
This is hardly a new thing, and we’ve seen US government officials accusing Putin of meddling with US presidential elections before.
Doppelganger
This time, however, Check Point found concrete evidence, as well as a detailed modus operandi of these operations. In January, the researchers found 1,300 domains containing the word “election” and almost 3,000 with the word “vote”. Between mid-April and mid-May, “election” held steady at around 1,140, while “vote” spiked to 4,010. “The volume is increasing as November approaches, and the mix is shifting toward the more voter-facing term,” it was explained.
While domain registration volume alone does not automatically mean malicious intent, security teams know that the domains are usually used for phishing pages impersonating information portals, fake donation collection sites, candidate impersonation, and misinformation distribution campaigns.
Check Point also said that it saw a Russian operation called Doppelganger cloning high-authority news sites (Reuters, The Washington Post, Fox News, and similar) and publishing fake news there, hoping other outlets would pick up and distribute it before realizing the scam.
“Security teams working with campaigns, election organizations, fundraising platforms, or any organization adjacent to this environment should treat this cycle as an elevated-risk period for phishing, brand impersonation, and credential-based attacks,” Check Point concluded. “That’s not because the threats are novel, but because the motivation and attention behind them are significantly higher than usual.”
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds.
