Canada says China-linked influence campaign targeted lawmakers, prime minister

Siva Ramakrishnan
Canada has accused China-linked threat actors of spreading disinformation and propaganda about its politicians on social media.

Canada has accused China-linked threat actors of spreading disinformation and propaganda about its politicians on social media.

China’s so-called “spamouflage” campaign has purportedly targeted dozens of Canadian members of parliament, Prime Minister Justin Trudeau, and several government officials, the Canadian foreign ministry said in a statement.

Spamouflage is a tactic that uses networks of new or stolen social media accounts to post and amplify propaganda across social media platforms.

In the latest campaign, which took place in August and September, a China-linked network of fake accounts left thousands of comments in English and French on the Facebook and X (formerly Twitter) accounts of Canadian politicians from various regions of the country.

These accounts claimed that Canadian politicians are corrupt, racist and dishonest; they also spread conspiracy theories, including that the Hawaii wildfires were engineered by the U.S. military, as reported by the Australian Strategic Policy Institute (ASPI), which also analyzed the network.

The politicians’ family members were also targeted in this campaign, according to ASPI. For example, some posts alleged that the politicians were neglecting their family members, that they fathered illegitimate children, or that their children’s sexual orientation was uncertain.

ASPI’s research suggests that the spamouflage network detected by the Canadian government is likely associated with similar campaigns that have previously been linked to Chinese state entities.

According to ASPI, the new campaign comprised at least 2,000 fake accounts and targeted nearly 50 Canadian politicians from two major political parties, including the Liberal Party of Canada and the Conservative Party of Canada.

The goal of this operation was likely to discredit Canadian politicians and cast doubt on their political and ethical standards. Additionally, the threat actors were likely attempting to suppress criticism of China within Canada.

The Canadian foreign ministry said it warned the social media platforms about the recent spamouflage campaign, and much of the malicious network has been removed. According to Canadian regulators, this campaign does not pose a threat to the safety of parliamentarians or their families.

China-Canada relations became tense in 2018 following the arrest of the chief financial officer of the Chinese tech giant Huawei in Vancouver at the request of the U.S. In retaliation, China detained two Canadian citizens on charges of espionage.

In August, Canada accused China of targeting a Canadian legislator, who was a vocal critic of China and had family in Hong Kong, with an online disinformation operation. In September, Canada initiated an independent public inquiry to investigate allegations of attempted foreign interference in Canadian affairs by both China and Russia.

Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.

No previous article

No new articles

Daryna Antoniuk
is a freelance reporter for Recorded Future News based in Ukraine. She writes about cybersecurity startups, cyberattacks in Eastern Europe and the state of the cyberwar between Ukraine and Russia. She previously was a tech reporter for Forbes Ukraine. Her work has also been published at Sifted, The Kyiv Independent and The Kyiv Post.


Leave a Reply

Your email address will not be published. Required fields are marked *

Previous Post

Unprecedented federal suit, joined by states, accuses Meta platforms of harming children

Next Post

Espionage group uses webmail server zero-day to target European governments

Related Posts

Andariel Hackers Target South Korean Institutes with New Dora RAT Malware

The North Korea-linked threat actor known as Andariel has been observed using a new Golang-based backdoor called Dora RAT in its attacks targeting educational institutes, manufacturing firms, and construction businesses in South Korea. "Keylogger, Infostealer, and proxy tools on top of the backdoor were utilized for the attacks," the AhnLab Security Intelligence Center (ASEC) said in a report
Read More