cross-posted from: https://mander.xyz/post/54572516

A new investigation reveals how a sophisticated Russian information manipulation set (IMS), dubbed “Roska Bridge”, uses alternative and decentralised social media platforms as a weapon to flood Western and domestic Russian audiences with aggressive, anti-Western, and anti-Ukrainian propaganda.

Here is the full report: Roska Bridge - How a pro-Russian IMS exploits vulnerabilities of decentralised platforms to spread propaganda (pdf)

Active since at least September 2025, this IMS has disseminated several coordinated campaigns by strategically exploiting architectural flaws in the decentralised Fediverse (Mastodon) and uses the Brid.gy service to cross-post simultaneously on Bluesky and on Mastodon. Targeting countries such as Ukraine, France, Germany and the United States, the content related to this IMS also promotes Max, a Russian state-backed messenger requiring a Russian phone number to operate, suggesting it targets domestic Russian audiences as well as Western ones.

By laundering content from EU-sanctioned Russian media outlets (such as the Pravda network, Russia Today, and Sputnik) and using automated accounts with seemingly AI-generated features, this IMS has managed to establish a highly organized and coordinated infrastructure to circumvent content moderation and legal regulations.

During the investigation, researchers found hundreds of Mastodon accounts during our research, “bridging” all their publications to Bluesky in coordinated waves, with new batches of accounts activated each month, remaining active for short, intense bursts, before disappearing and being replaced. Those accounts are still running on ten Mastodon instances, including the original instance mastodon.social, which gathers over 870,000 users, and bridged to hundreds of accounts on Bluesky.

Web Archive link

  • HarkMahlberg@kbin.earth
    link
    fedilink
    arrow-up
    2
    ·
    5 hours ago

    This is a major blind spot to the fediverse and it was easily exploited several years ago, when a disgruntled hacker made a bunch of accounts on unsecured misskey instances and used them to spam the whole network via federation. People tried to defederate from the instances, but the attacker eventually started spinning up his own. All he needed was to ensure at least one user on another instance would see his new instances.

    Russia and other NSA’s could easily use the same strategy: no effective countermeasure was developed, the attacker simply got bored and stopped.