View Full Version : Online Social Media Manipulation - JTRIG and other

24th November 2016, 10:41
The topic of online social media manipulation is fairly widely known and discussed - certainly not new to most here.

It seems particularly relevant right now with the current information wars on social media platforms -

closing of "alt-right" Twitter accounts,
switching from "conspiracy" to "fake news",
closing of the "pizzagate" sub-Reddit,
blocking of Google-ads (and hence ad revenue on "fake news" sites),
Facebook post censorship and account blocking

I came across the following post (now archived at: https://archive.fo/MOaOk) from a Reddit user about the infiltration of Reddit boards by social engineering teams and tactics, which lists out the manipulation in some detail.

I thought it would be useful to capture and share.

Archived: 20 Nov 2016 10:16:44 UTC

We have been infiltrated by JTRIG on reddit. Art of Deception: Training For a New Generation of Online Covert Operations
submitted 8 hours ago * by PixelBot

Online covert operators, who specialize in social engineering techniques, have been working against our efforts in the last month.

I am posting here due to necessity, because they have suppressed exposure in other subs that they control. This is critical information. People trying to suppress this conversation shouldn't be trusted. Never trust people who want to stop conversations. You can disagree with me - but don't try to stop it, watch for their language patterns that will try to stop real discussions.

JTRIG (https://en.wikipedia.org/wiki/Joint_Threat_Research_Intelligence_Group (https://archive.fo/o/MOaOk/https://en.wikipedia.org/wiki/Joint_Threat_Research_Intelligence_Group)) is running an active operation against this subreddit, and related ones, to spread disinformation, and to disseminate our group.

https://assets.documentcloud.org/documents/1021430/the-art-of-deception-training-for-a-new.pdf (https://archive.fo/o/MOaOk/https://assets.documentcloud.org/documents/1021430/the-art-of-deception-training-for-a-new.pdf) Is where you read their training manual. You'll need this, because I'll be referencing pages, as we go.

Further proof about JTRIG, is NBC's own investigation into them: https://www.eff.org/files/2014/04/09/20140207-nbc-gchq_honey_trap_cyber_attack_background_on_jtrig.p df (https://archive.fo/o/MOaOk/https://www.eff.org/files/2014/04/09/20140207-nbc-gchq_honey_trap_cyber_attack_background_on_jtrig.p df)

We were warned of this 2 years ago from leaks.

[My comment - I believe documents from Edward Snowden referred to this - see this post (http://projectavalon.net/forum4/showthread.php?59919-Edward-Snowden-the-whistleblower-behind-the-NSA-surveillance-revelations&p=973932&viewfull=1#post973932)]

Those sending private messages, to links outside of reddit becaues they want to have a private conversation - are most likely honeypots. Reddit is a forum built for communication, why are people sending you offsite, to a site you never heard of before to have a conversation? Don't trust it. Don't be fooled. I'm not suggesting you don't explore, please do, but I find this whole thing too fishy. The linked NBC report suggests honeypots are being used by all JTRIG agents. EDIT We've identified the following honeypots so far: riot.im, "matrix", fivepoint (or similar).

They are going to respond to this very thread, and say something like: "He's bullying us!", "Starring a witch hunt", "Attacking our feelings", etc etc. I'm not. I'm not asking for blind trust, I'm asking you to look at their post histories. I have identified another 30 accounts elsewhere, and attempting to expose their hierarchical team structure, and some account sharing. I have software analyzing linguistic patterns based on material about their team.

The structure of JTRIG:
- Ops / Tech (Cap Dev) / JBOS. Mention the "Online Covert Action Accreditation" Program.
- Commenced September 2011.
- Initially for JTRIG staff.
- A small number of ISD analysts now being accepted on courses.
Main skills covered:
- Information & Influence Operations.
- Online Humint.
- Disruption & CNA.

Look at the materials I provided, and you'll see the techniques they employ. The main thing to look for is, are they trying to create dissent? Are they trying to convince people to STOP researching. Are they trying to convince people to be "sensible", are they trying to convert you with emotional efforts.

Mods are NOT the only bots, they will make a post, and send commentators in to make a chain of replies, so people will become disinterested. They will bait others into arguments when it's good timing for them.


You can read about the toolkits they are using. Computer experts, please read. We know about Schneier's reliable work in security.

*EDIT 4**
They appear to have acquired OLD accounts. 4 & 5+ year accounts are now appearing at 99.99% detection rate. Word of warning.

Full archived Reddit post at: https://archive.fo/MOaOk

This is just one example / one piece of "evidence" - and given the recent Reddit and 4chan user collaborations to get to the truth of things on current topics, it is unsurprising that there would be social engineering programmes deployed on these platforms to co-opt and channel the focus in a direction desired by the power players.... or close it down should it go near territories deemed too sensitive "no-go" areas.

It might even be that much of the recent truth seeking activity on Reddit and 4chan was in fact initiated and driven by social engineering agendas and programmes from the outset and the participants were unknowing dupes... again - social media manipulation.

This social engineering via social media is clearly not an isolated incident, so.... please post any more examples / tactics / documents / articles you come across that address social media manipulation. Also, please share thoughts and comments on the topic. Thanks.

1st July 2017, 16:51
Richard Hall gets into the JTRIG thing a bit here:

Richard Hall (https://www.youtube.com/channel/UCQwCjFkhLbdpsu1xUDm7oGA)
Published on 29 Jun 2017