Unmasking Doppelganger: Inside Russia’s Disinformation Machine
The notorious Russian disinformation operation known as Doppelganger resurfaced in early September 2024, triggering renewed scrutiny of its tactics and impact. First exposed in 2022, Doppelganger involves cloning legitimate news websites and injecting fabricated articles, videos, and polls to manipulate public opinion on sensitive political and cultural issues across the US, France, Germany, and Ukraine. These fake platforms, mimicking established news organizations with astonishing accuracy, lure unsuspecting internet users through social media, often via automated posts. While tech companies have diligently tracked and removed Doppelganger’s online presence, even exposing the Moscow-based Social Design Agency (SDA) as the orchestrator, the disinformation campaign has persisted.
The US Department of Justice took a significant step on September 4, 2024, seizing 32 internet domains linked to Doppelganger and releasing a comprehensive FBI affidavit. This unprecedented 277-page document included a trove of internal SDA communications, likely obtained through intelligence operations. Just days later, a massive leak of authentic SDA documents surfaced, providing an even deeper look into the inner workings of this sophisticated disinformation campaign. This leak, totaling 2.4 gigabytes of data, allowed researchers and journalists unprecedented access to the planning, execution, and evaluation of one of the most extensive disinformation efforts in recent history.
The leaked files, encompassing project plans, budgets, progress reports, internal emails, and even a promotional video for the Kremlin, offer an extraordinary glimpse into the operational realities of modern Russian disinformation. While the use of the internet for propaganda dissemination has been a concern since the 2016 US presidential election interference, the sheer volume of internal documents from a key player like SDA is unprecedented. This trove of information offers tactical and strategic insights that were previously unavailable, enabling a deeper understanding of Russia’s disinformation methodologies.
The documents reveal a heavy reliance on forgery, a tactic reminiscent of Soviet-era active measures. While employing new technologies, the SDA appears to be updating old tactics by fabricating videos, documents, phone conversations, and social media chats to manipulate narratives and provoke emotional responses. The SDA refers to this strategy as "augmented reality," a euphemism for a sophisticated campaign of deception. The documents also expose a crucial flaw in the SDA’s approach: a tendency to overestimate its own impact. By focusing on pre-existing societal tensions and exploiting organic anxieties, the SDA struggles to accurately measure the effectiveness of its interventions, leading to inflated claims of influence.
Despite its self-proclaimed success, the SDA’s actual impact appears limited. Analysis of the leaked data reveals that despite creating hundreds of fake websites and pushing out tens of thousands of fake articles, engagement remained relatively low. Ironically, the widespread media coverage of Doppelganger, particularly in Germany and the US, likely reached a far larger audience than the disinformation campaign itself. This suggests that the SDA’s primary objective may not be influencing foreign populations but rather impressing its sponsors within the Russian government. By presenting exaggerated reports of its effectiveness, the SDA secures funding and reinforces the conspiratorial worldview shared by disinformation operatives and autocratic bureaucrats.
The leaked documents reveal a counterintuitive dynamic: the SDA actively tracks and celebrates Western media coverage of its activities, using these reports as evidence of its influence and impact. This highlights a critical vulnerability in the fight against disinformation: While exposing disinformation campaigns is crucial, excessive or sensationalized coverage can inadvertently benefit the perpetrators by providing them with ammunition for self-promotion and further funding. This necessitates a shift in strategy, focusing on upstream exposure—targeting the infrastructure, funding sources, and individuals behind disinformation campaigns—rather than simply debunking individual pieces of fake content. By disrupting the machinery of disinformation, rather than just its outputs, democracies can more effectively counter these threats. This approach requires collaboration between governments, tech companies, and investigative journalists to expose the individuals and organizations responsible, impose sanctions, and pursue legal action.