The 5-year Spam: Tracking a Persistent Chinese Influence Operation

Authors

Patrick Warren, Clemson UniversityFollow
Darren Linvill, Clemson UniversityFollow
Leland Fecher, Clemson University
Jayson Warren, Clemson University
Steven Sheffield, Clemson University
Jack Taylor, Clemson University
Alexa Gubanich, Clemson University
Parker Hundley, Clemson University
Josiah Lamont, Clemson University
Sarah Meadows, Clemson University
Josephine Rohrer, Clemson University
Molly Sutton, Clemson University
Shay Easler, Clemson University

Document Type

Article

Publication Date

2023

Abstract

This report analyzes the behavior of a single, coordinated inauthentic information operator working within China and in the interests of the Chinese government. This operator has been called by different names by different analysts, including “Spamouflage Dragon“ (by the network analysis firm Graphika) and “Dragonbridge” (by the Google owned cybersecurity firm Mandiant) and has been operating continuously since, at least, April 2017. In this report we will refer to this actor as Dragonbridge. Section II of this report gives an update on several campaign this actor has engaged in recent months. Section III presents a synthetic overview of some of Dragonbridge’s past and ongoing tactics and targets. Section IV draws some more general lessons about how this actor operates.

Recommended Citation

Warren, Patrick; Linvill, Darren; Fecher, Leland; Warren, Jayson; Sheffield, Steven; Taylor, Jack; Gubanich, Alexa; Hundley, Parker; Lamont, Josiah; Meadows, Sarah; Rohrer, Josephine; Sutton, Molly; and Easler, Shay, "The 5-year Spam: Tracking a Persistent Chinese Influence Operation" (2023). Media Forensics Hub Creative Inquiry Reports. 7.
https://tigerprints.clemson.edu/mfh_ci_reports/7