Secondary Infektion, a Russian disinformation outfit, impersonated Swedish lawmaker
A suspected Russian disinformation campaign used manipulated images and fabricated internet personas to promote false narratives online in an effort to sow mistrust in Sweden and Europe, according to new findings.
The propaganda effort known as Secondary Infektion is “highly likely” behind an effort that involved a photoshopped screenshot meant to appear as if it originated on the website of Sweden’s Riksdag, the national legislature, the threat intelligence company Recorded Future said in a report published Tuesday.
Secondary Infektion is an operation dating back at least two years, with researchers blaming the suspected Russian outfit for forging documents, stirring outrage via social media and generating negative sentiment around the North Atlantic Treaty Organization in countries such as Ukraine. Researchers have pointed to Secondary Infektion as an example of political warfare that uses digital means to try to destabilize foreign governments.
In the latest case, Recorded Future investigators observed an account on a popular Swedish forum, Flashback, publishing a post about “Swedish-Ukrainian NATO membership.” The user suggested that Sweden would soon join the alliance, founded in 1949 as a Western bulwark against the Soviet Union, because “there is no country that can stand up to threats from our aggressive neighbor Russia alone.”
The same user pointed to an image of a proposal that appeared to be from Fredrik Malm – a lawmaker in Liberalna, Sweden’s Liberal People’s Party — arguing that Sweden should join NATO, along with Ukraine, “so that Sweden can benefit from NATO’s collective defense.”
The image is “almost certainly inauthentic,” Recorded Future researchers noted. The Liberalna advocates for Swedish NATO membership, though the screenshot contains a number of grammatical errors unlikely to appear in official government documents, for instance. The would-be proposal relies in part on a bill that focused on another issue entirely from Sweden joining NATO.
Additionally, forum posts meant to attract attention on the Malm letter consist of “extremely poor Swedish” that are “more likely a bad translation from another language, potentially a machine translation.”
CyberScoop could not immediately reach Malm for comment.
The fabricated political narrative did not appear to generate meaningful attention online, researchers noted.
The apparent Secondary Infektion effort is consistent with Moscow’s political goals, and prior Russian active measures.
Secondary Infektion previously sought to influence far-right political communities in the U.S. by amplifying coronavirus-themed misinformation, falsely accusing Muslim communities for spreading COVID-19. That effort utilized self-publishing sites to try gaining traction via 4chan, a forum frequented by social media trolls, though it largely failed to gather any conversational momentum.
Operatives from another suspected Russian effort, known as Ghostwriter, in 2020 forged political documents that made the false suggestion that Canadian soldiers stationed in Latvia were the cause of COVID-19 infections through Eastern Europe. The narrative, which impersonated NATO Secretary General Jens Stoltenberg, was enough to earn mention in some news outlets, FireEye investigators said at the time.
“We believe that these actors will continue with false narratives and forgeries in the hope of successfully deceiving target audiences under the belief that an information warfare campaign is a low-cost, potentially high return endeavor with little to no tangible consequences,” Recorded Future said in its latest findings.
