Entity: Telegram

Incidents implicated systems

Incident 92916 Report
Sustained AI-Driven Russian Disinformation Campaigns Doppelgänger, Storm-1516, and Matryoshka Reportedly Disrupting German Federal Elections

2024-12-06

Leading up to Germany’s February 23, 2025, federal election, the alleged Russian Doppelgänger, Storm-1516, and Matryoshka (Operation Overload) disinformation campaigns have reportedly been deploying AI-generated deepfake videos and fake news sites to spread false claims about German politicians and public figures. AI-powered bots have allegedly been amplifying the content across social media. Researchers suggest the campaign sought to erode trust in Germany’s democratic process. Germany's domestic intelligence agency (BfV) described the scale as unprecedented.

Incident 10805 Report
Noodlophile Stealer Reportedly Distributed Through Allegedly Fraudulent AI Content Platforms

2025-05-08

A campaign reportedly used fake AI video generation sites to distribute malware under the guise of AI-generated content. Promoted via social media, these sites allegedly tricked users into downloading files containing Noodlophile Stealer, a previously unreported infostealer, and in some cases XWorm. The malware harvested credentials and could enable remote access.

Incident 10603 Report
Institute for Strategic Dialogue Reports Russian-Aligned Operation Overload Using Purported AI-Generated Impersonations Across January to March 2025

2025-05-06

Researchers at the Institute for Strategic Dialogue (ISD) report that Operation Overload (also known as Matryoshka or Storm-1679) is a Russian-aligned campaign leveraging purported AI-generated voiceovers and visual impersonations to spread false or inflammatory content across platforms. The campaign reportedly involved at least 135 discrete posts analyzed by ISD in early 2025 targeting institutions and individuals, including one purported viral video claiming USAID funded celebrity trips to Ukraine (see Incident 1061).

Incident 10162 Report
Jailbroken Lovable AI Allegedly Used to Generate and Host Phishing Pages, Steal Credentials, and Bypass Security

2025-04-09

The generative AI platform Lovable, which is used for building web apps, was reportedly jailbroken to create and host full phishing campaigns. These campaigns allegedly included credential-harvesting login pages, evasion techniques, and real-time exfiltration via services like Telegram and Firebase. The AI system was reportedly used for generating the phishing content and and then deploying it live on a URL hosted under its own subdomain.

Telegram

Incidents implicated systems

Incident 92916 ReportSustained AI-Driven Russian Disinformation Campaigns Doppelgänger, Storm-1516, and Matryoshka Reportedly Disrupting German Federal Elections

Incident 10805 ReportNoodlophile Stealer Reportedly Distributed Through Allegedly Fraudulent AI Content Platforms

Incident 10603 ReportInstitute for Strategic Dialogue Reports Russian-Aligned Operation Overload Using Purported AI-Generated Impersonations Across January to March 2025

Incident 10162 ReportJailbroken Lovable AI Allegedly Used to Generate and Host Phishing Pages, Steal Credentials, and Bypass Security

Related Entities Related EntitiesOther entities that are related to the same incident. For example, if the developer of an incident is this entity but the deployer is another entity, they are marked as related entities.

Related Entities

scammers

Incidents involved as Deployer

Fraudsters

Incidents involved as Deployer

Unknown scammers impersonating Pierce Brosnan

Incidents involved as Deployer

Unknown deepfake technology developers

Incidents involved as Developer

Simone Simms

Incidents Harmed By

Long Eaton Gallery

Incidents Harmed By

Long Eaton Gallery customers

Incidents Harmed By

Nottingham art community

Incidents Harmed By

Unknown deepfake apps

Incidents implicated systems

Unknown voice cloning technology

Incidents implicated systems

Facebook

Incidents implicated systems

Storm-1679

Incidents involved as Deployer

Storm-1516

Incidents involved as Deployer

Russian government

Incidents involved as Deployer

Operation Overload

Incidents involved as Deployer

Matryoshka

Incidents involved as Deployer

John Mark Dougan

Incidents involved as Deployer

Doppelganger

Incidents involved as Deployer

Unknown entities related to Doppelgänger

Incidents involved as Developer

Unknown deepfake technology developer

Incidents involved as Developer

Unnamed British police officer

Incidents Harmed By

Unnamed American university presidents

Incidents Harmed By

Robert Habeck

Incidents Harmed By

Olaf Scholz

Incidents Harmed By

Natalie Finch

Incidents Harmed By

German voters

Incidents Harmed By

German politicians

Incidents Harmed By

German federal election integrity

Incidents Harmed By

General public of Germany

Incidents Harmed By

Friedrich Merz

Incidents Harmed By

Electoral integrity

Incidents Harmed By

Democracy

Incidents Harmed By

Academics targeted by Storm-1679

Incidents Harmed By

Academics targeted by Operation Overload

Incidents Harmed By

Academics targeted by Matryoshka

Incidents Harmed By

X (Twitter)

Incidents implicated systems

Incident 92916 Report
Sustained AI-Driven Russian Disinformation Campaigns Doppelgänger, Storm-1516, and Matryoshka Reportedly Disrupting German Federal Elections

Incident 10805 Report
Noodlophile Stealer Reportedly Distributed Through Allegedly Fraudulent AI Content Platforms

Incident 10603 Report
Institute for Strategic Dialogue Reports Russian-Aligned Operation Overload Using Purported AI-Generated Impersonations Across January to March 2025

Incident 10162 Report
Jailbroken Lovable AI Allegedly Used to Generate and Host Phishing Pages, Steal Credentials, and Bypass Security

Related Entities