- ‘Team Jorge’ unit exposed by undercover investigation
- Group sells hacking services and access to vast army of fake social media profiles
- Evidence unit behind disinformation campaigns across world
- Mastermind Tal Hanan claims covert involvement in 33 presidential elections
A team of Israeli contractors who claim to have manipulated more than 30 elections around the world using hacking, sabotage and automated disinformation on social media has been exposed in a new investigation.
The unit is run by Tal Hanan, a 50-year-old former Israeli special forces operative who now works privately using the pseudonym “Jorge”, and appears to have been working under the radar in elections in various countries for more than two decades.
He is being unmasked by an international consortium of journalists. Hanan and his unit, which uses the codename “Team Jorge”, have been exposed by undercover footage and documents leaked to the Guardian.
Hanan did not respond to detailed questions about Team Jorge’s activities and methods but said: “I deny any wrongdoing.”
The investigation reveals extraordinary details about how disinformation is being weaponised by Team Jorge, which runs a private service offering to covertly meddle in elections without a trace. The group also works for corporate clients.
Hanan told the undercover reporters that his services, which others describe as “black ops”, were available to intelligence agencies, political campaigns and private companies that wanted to secretly manipulate public opinion. He said they had been used across Africa, South and Central America, the US and Europe.
(‘Aims’: the software for hire that can control 30,000 fake online profiles
One of Team Jorge’s key services is a sophisticated software package, Advanced Impact Media Solutions, or Aims. It controls a vast army of thousands of fake social media profiles on Twitter, LinkedIn, Facebook, Telegram, Gmail, Instagram and YouTube. Some avatars even have Amazon accounts with credit cards, bitcoin wallets and Airbnb accounts.
The consortium of journalists that investigated Team Jorge includes reporters from 30 outlets including Le Monde, Der Spiegel and El País. The project, part of a wider investigation into the disinformation industry, has been coordinated by Forbidden Stories, a French nonprofit whose mission is to pursue the work of assassinated, threatened or jailed reporters.
The undercover footage was filmed by three reporters, who approached Team Jorge posing as prospective clients.
In more than six hours of secretly recorded meetings, Hanan and his team spoke of how they could gather intelligence on rivals, including by using hacking techniques to access Gmail and Telegram accounts. They boasted of planting material in legitimate news outlets, which are then amplified by the Aims bot-management software.
Much of their strategy appeared to revolve around disrupting or sabotaging rival campaigns: the team even claimed to have sent a sex toy delivered via Amazon to the home of a politician, with the aim of giving his wife the false impression he was having an affair.
The methods and techniques described by Team Jorge raise new challenges for big tech platforms, which have for years struggled to prevent nefarious actors spreading falsehoods or breaching the security on their platforms. Evidence of a global private market in disinformation aimed at elections will also ring alarm bells for democracies around the world.
The Team Jorge revelations could cause embarrassment for Israel, which has come under growing diplomatic pressure in recent years over its export of cyber-weaponry that undermines democracy and human rights.
Hanan appears to have run at least some of his disinformation operations through an Israeli company, Demoman International, which is registered on a website run by the Israeli Ministry of Defense to promote defence exports. The Israeli MoD did not respond to requests for comment.
The undercover footage
Hanan described his team as “graduates of government agencies”, with expertise in finance, social media and campaigns, as well as “psychological warfare”, operating from six offices around the world. Four of Hanan’s colleagues attended the meetings, including his brother, Zohar Hanan, who was described as the chief executive of the group.
In his initial pitch to the potential clients, Hanan claimed: “We are now involved in one election in Africa … We have a team in Greece and a team in [the] Emirates … You follow the leads. [We have completed] 33 presidential-level campaigns, 27 of which were successful.” Later, he said he was involved in two “major projects” in the US but claimed not to engage directly in US politics.
It was not possible to verify all of Team Jorge’s claims in the undercover meetings, and Hanan may have been embellishing them in order to secure a lucrative deal with prospective clients. For example, it appears Hanan may have inflated his fees when discussing the cost of his services.
Team Jorge told the reporters they would accept payments in a variety of currencies, including cryptocurrencies such as bitcoin, or cash. He said he would charge between €6m and €15m for interference in elections.
The Guardian and its reporting partners tracked Aims-linked bot activity across the internet. It was behind fake social media campaigns, mostly involving commercial disputes, in about 20 countries including the UK, US, Canada, Germany, Switzerland, Mexico, Senegal, India and the United Arab Emirates.
This week Meta, the owner of Facebook, took down Aims-linked bots on its platform after reporters shared a sample of the fake accounts with the company. On Tuesday, a Meta spokesperson connected the Aims bots to others that were linked in 2019 to another, now-defunct Israeli firm which it banned from the platform.
“This latest activity is an attempt by some of the same individuals to come back and we removed them for violating our policies,” the spokesperson said. “The group’s latest activity appears to have centred around running fake petitions on the internet or seeding fabricated stories in mainstream media outlets.”
In addition to Aims, Hanan told reporters about his “blogger machine” – an automated system for creating websites that the Aims-controlled social media profiles could then use to spread fake news stories across the internet. “After you’ve created credibility, what do you do? Then you can manipulate,” he said.
‘I will show you how safe Telegram is’
No less alarming were Hanan’s demonstrations of his team’s hacking capabilities, in which he showed the reporters how he could penetrate Telegram and Gmail accounts. In one case, he brought up on screen the Gmail account of a man described as the “assistant of an important guy” in the general election in Kenya, which was days away.
“Today if someone has a Gmail, it means they have much more than just email,” Hanan said as he clicked through the target’s emails, draft folders, contacts and drives. He then showed how he claimed to be able to access accounts on Telegram, an encrypted messaging app.
One of the Telegram accounts he claimed to penetrate belonged to a person in Indonesia, while the other two appeared to belong to Kenyans involved in the ongoing general election, and close to the then candidate William Ruto, who ended up winning the presidency.
“I know in some countries they believe Telegram is safe. I will show you how safe it is,” he said, before showing a screen in which he appeared to scroll through the Telegram contacts of one Kenyan strategist who was working for Ruto at the time.
Hanan then demonstrated how access to Telegram could be manipulated to sow mischief.
Typing the words “hello how are you dear”, Hanan appeared to send a message from the Kenyan strategist’s account to one of their contacts. “I’m not just watching,” Hanan boasted, before explaining how manipulating the messaging app to send messages could be used to create chaos in a rival’s election campaign.
Adapted from: Revealed: the hacking and disinformation team meddling in elections | Technology | The Guardian
Note: To view the entire Guardian article, click on the link immediately above.
Letter to the Trudeau government set subsequent to this article
The Right Honourable Justin Trudeau, Prime Minister of Canada;
The Right Honourable Chrystia Freeland, Deputy Prime Minister of Canada;
The Right Honorable Mélanie Joly, Foreign Minister of Canada.
Your government has made reference to the alleged spying on Canadian institutions and Canadian technology by the government of China. What are your perspectives regarding the Israeli-sponsored network of hacking, sabotage and automated disinformation as revealed in an article by The Guardian of the United Kingdom?
It is to be noted that the aforesaid Israeli network has intervened in 33 elections in various parts of the world including Canada. To your knowledge, has this illegal network of Israeli hackers and spies intervened in any federal, provincial or municipal elections? Has CSIS or the RCMP made any inquiries into this hacking network’s intervention in Canadian affairs?
It is incumbent upon your government as well as upon the opposition parties seated in the House of Commons to undertake the necessary investigation into the activities of the network of Israeli hackers in Canada. The Prime Minister of Canada has recently stated that the government of Canada must act to ensure the security of the people of Canada. We incite the Prime Minister to follow up on this statement and to launch an investigation into the nature of Israeli hacking and automated disinformation in Canada, particularly regarding the electoral process in Canada.
Bruce Katz
Co-president
PAJU (Palestinian and Jewish Unity)
