Monday, April 3, 2017

Trump Trolls Manufacture Massive Hack & Hijack Attack Against Facebook

April 3, 2017

     A massive hacking and hijacking operation of anti-Trump, progressive, and liberal (APL) groups on Facebook is underway.  The hijacking group calls itself the Catena Mafia. They have been engaged in a continuing operation against APL groups for months, and Facebook has done nothing to put a halt to it.

     Cantenai means a series of connected things and comes from the Latin word for chain.  In Christian theology, a catena is a biblical commentary created by taking pieces of commentary written by other commentators but altered slightly so that, when read in series, they create a coherent whole commentary.  As Crooks & Liarsii C&L) first reported in January, “Catena” seems to be related to their modus operandi.

A screen shot of the Catena Mafia members page.
Thanks to Crooks & Liars for grabbing this.
Most people have blocked so many of them that they cannot get this shot. 

     Just as the biblical commentaries are altered, these digital mafioso’s, according to C&L, use social engineering to target APL groups. That means that they use some sort of deception either to get into the group or to take control of it (or both).  In the aftermath of several group hijackings yesterday, there is confusion as to how this is occurring.  There are two steps that the hackers must go through in order to hijack a group.  First, they must gain entry into the group.  Second, they must be made administrators of the group.

     Among the APL groups, there are 2 security mindsets.  In the first type, security is rather lax.  Anyone who clicks the join button will be allowed in, and anyone who begins trolling is quickly removed from the group.  The ethos in this type of group is to provide a community for like-minded people to engage in free and open discussion.  Many of these groups are primarily for people to post memes and get a respite through humor, while others are more serious and engage on a more policy-oriented discussion or focus on engagement.

     In a second type, the group administrators do not allow a profile in until the person has been vetted.  The vetting procedure is usually just looking through a person’s Facebook profile to make sure they aren’t a troll.  Since you easily scroll through a person’s entire history on their Facebook profile and people tend to put their entire lives on Facebook, this usually works fairly well.  This type of group tends to be more focused on sharing and discussing policy, and some are even more focused on contacting congress to push for resistance to the Trump agenda.  

     However, group administrators are not IT experts; they are just normal, everyday folks who help to make a community where people can speak openly about topics that are of dire importance to the nation.  This lack of high-tech expertise enables the hackers.  One easy way to get around the normal vetting process is to create a fake profile.  In the aftermath of a couple group hijacks, it was found that most of the Catena Mafia have multiple fake accounts.  Most of the fake accounts that have been discovered are also troll accounts and frequently post racist, sexist, and other discriminatory material.  If they have multiple accounts, though, it is very likely that they keep a couple Trojan Horse accounts as well, and those accounts wouldn’t show as being connected to each other. They can still use those accounts to infiltrate other groups.  Once in, the next step is to be made an administrator of the group.

     Crooks & Liars reports that the trolls use social engineering to become administrators of the group. Once they become administrators, they remove all the other admin and bring in their digital mafioso brethren to become the new admin to the group.

This profile is claimed to be a mole that made the hack of one group possible.
We will cover the specifics of that hack in an upcoming post.
Update: We found Mr. Davenport on Facebook.  After a thorough vetting and then speaking with Mr. Davenport, we determined that he was innocent and that the trolls were just lying to sow confusion and discord.

Related Content - 
The Creation of One of the largest APL Groups on Facebook:

     The use of the term social engineering as it’s used here is vague.  One way to understand that is that the trolls use fake “normal looking” accounts and just offer to help as a group admin.  (This would be a mole).  If that were all it was, then one could try to blame the group admin for not being more careful (even though there is no excuse for such a massive amount of deception in a society that values free, open, and civil debate.)  However, that may not be what is happening.  We will explore the hacking of one group creator and the hijacking of her group in an upcoming post.

To Facebook's credit, this post was reviewed and removed after a few hours.
     What we do know is that, once the groups are hijacked, the trolls begin causing chaos in the groups.

This photo is not going to show well here.
We'll get better shots of this page and update.  

     Group members have submitted multiple complaints against the trolls. Some individual posts, like the one above, do get taken down.

     But, as you can see, these people post a huge amount of racist material, yet they still maintain their accounts.  Those accounts get reported as well, so how are they still active?  We here at the Diogenetic Light are not in favor of censorship.  As offensive as the post below is, it is part of our American heritage to allow for offensive language.

Offensive and obviously racist.
This serves no part in any honest dialogue among civilized people.

     That does not explain, however, how calls for violence toward a person are acceptable?  We understand that, Constitutionally, calls for violence are only actionable if they pose an imminent threat of harm.  While we do admire Facebook's open policy on speech, they are not a government website and they pride themselves on creating an environment for the entire family.

Would you be comfortable having your kids see posts like this on Facebook?

     The trolls post massive amounts of pretty nasty pics into these groups.  The memes on this page were all recovered from one group that was hacked and hijacked recently.  The groups, both the Catena Mafia and the hacked groups, have been reported multiple times, yet Facebook does nothing. Why?

Another bigoted anti-Muslim post.

     Compounding the problem is Facebook’s reporting procedure.  There is no method to report a hijacked group, though many people in the groups tried to do so.  Facebook’s reporting procedure requires people to pick categories for reporting.  In many situations, problems cannot be pigeon-holed into their predefined categories, and there is no way to add any comment to a report that would highlight what the problem is.  This results in groups like the Catena Mafia being able to roam freely for months.  Crooks & Liars posted a report on this back on January 10th – this has been going on for 3 months now, and Facebook does nothing. Why?  Is this the kind of environment that we want to meet others in?  Is this an environment that we are comfortable having our children exposed to?

      In the latest round of attacks that took place during April Fool’s day, 3 more large APL groups were destroyed.  They were The Road to Hell is Paved with Republicans, which had 33,500 members, Republicans Suck!!!, with over 55,000 members, and Democrats Stronger Together with 23,000 members.  That is over 100,000 people who have had a meeting place destroyed for no reason.

     I know that these are just facebook groups; it’s not like they stormed the local Rotary Club meeting and destroyed the building.  However, Nazi’s used to go in and break up meetings of groups that they didn’t like as well.  I’m not calling them Nazi’s, but merely pointing out their use of similar tactics that are anathema to a free society.  Today’s meeting place is online.  At least they cannot engage in physical violence online, but the disruption of people engaging in civil conversation in private groups still occurred.  In America, the freedoms of speech and assembly are enshrined as some of our primary values in the first amendment to the constitution.  The protection of speech and protection of being able to assemble with others are core American values.  By not taking action against troll groups like the Catena Mafia, Facebook is not defending free speech.  It is, in fact, defending a continuing assault on free speech. What is happening here is completely un-American, and unacceptable in a civilized society.

Continuing Coverage:
Potholes and Trolls in the Road to Hell

Thank you for reading.  Please feel free to leave comments below.  You can also share with the buttons below, or, if you want to get the latest posts right away, you can click on the "Follow" button at the top right of this page.

If you need a break from all the nastiness and chaos, and you want a laugh, you can check out this piece here:

Healthcare Bill Has Grammarians Up in Arms

If your interested in learning how liberals can get better at messaging to win the war of ideas, check out the 4 part series starting with

Don't Call It TrumpCare

No comments:

Post a Comment