Welcome to Memetic Warfare.

We’re going to start off this week with some recommendations for reading on Substack.

The first is from Newsguard - who put out great stuff by the way on foreign influence - covering Dougan of CopyCop fame. Dougan has set up, as per Newsguard, hundreds of domains targeting the German elections - read more below. I’d go into detail but I’d rather not steal their thunder.

NewsGuard's Reality Check

Russian Propagandist Turns His Sights to German Election

Special Report…

Read more

13 days ago · NewsGuard

The next is friend of the blog Tuvia Gering and his excellent blog

Discourse Power

Elon, I love you. Signed, China

Greetings from Jerusalem…

Read more

13 days ago · 7 likes · Tuvia Gering

I’d also recommend taking a look at Natto Thought’s latest post on the recently-exposed Salt-Typhoon front company, available below.

Natto Thoughts

Salt Typhoon: the Other Shoe Has Dropped, but Consternation Continues

On January 17, 2025, the United States government imposed sanctions on Sichuan Juxinhe Network Technology Co., LTD (Sichuan Juxinhe) (四川聚信和网络科技有限公司)., a Sichuan-based cybersecurity company, accusing it of “direct involvement in the Salt Typhoon cyber group…

Read more

13 days ago · 13 likes · Natto Team

Their finding of note is that this firm, unlike past suspected MSS front companies, has actually registered a number of patents.

Substacks aside, let’s move on to other content.

At Memetic Warfare we like to call them like we see them.

I’m wont to criticize Meta here when they deserve it, but one of the things I’ve always given them credit for is a transparent ad library.

CheckFirst used that library to write an interesting report, available here, on Doppelganger’s exploitation of paid ads on Meta platforms by adding up Doppelganger ad amounts and looking at leaked SDA documents.

This is an especially interesting topic in that Meta often gives itself pats on the back for countering Doppelganger effectively, often to the detriment (in my opinion) of other counter-IO work, so it’s nice to see someone look at the topic in-depth and show the good, the bad and the ugly of what’s happening.

Some highlights:

SDA has a quick turnaround time and is a fan of animation.

A lot of the payment information is pretty easily exploited as part of the KYC process:

Interesting data on total sums paid via Meta ads:

The report also used data and content samples from the SDA leaks - one would have thought that Meta would have already hashed all of the data and crosscheck against it:

CheckFirst used a flexible hash algorithm to avoid images with minor differences. I wonder to what extent SDA is actively altering their images slightly to avoid exact hash matches, or if it’s just the result of general editing.

There’s more here regarding specific examples of ads and their approval process, if you’re interested, check out the report. What stood out to me was the section on the SDA Facebook ads manager taken from the leaked data.

See here some interesting specifics:

The limited subset that CheckFirst looked at drove a fair amount of clicks:

There’s much more to this, so if you’re interested, I’d recommend reading it in its entirety.

That’s it for this week!