Justice Department Seizes 32 Russian Disinformation Domains Mimicking U.S. News Sites, Exposes Kremlin Operation Directed by Putin Aide

Attorney General Merrick Garland announced on September 4, 2024 that the Justice Department seized 32 internet domains used in Russian government-directed foreign malign influence campaigns known as “Doppelganger.” The operation, established in 2022 by Russian IT firm Social Design Agency (SDA), created fake websites designed to appear as legitimate U.S. news outlets like The Washington Post, Fox News, CNN, and others by registering similar domain names.

The Doppelganger Operation

The sophisticated disinformation campaign used several tactics to deceive American audiences:

Domain Mimicry: Registering domains nearly identical to legitimate news sites:

• “washingtonpost.pm” to mimic “washingtonpost.com”
• Similar variations for Fox News, CNN, and other major outlets
• URLs designed to fool casual observers

AI-Generated Content: Using artificial intelligence to create fake news articles that appeared professionally written and resembled legitimate journalism.

Kremlin Narratives: Content promoted Russian state-sponsored messages:

• Undermining support for Ukraine
• Amplifying domestic U.S. divisions
• Questioning American democratic institutions
• Promoting conspiracy theories beneficial to Russian interests

Putin’s Inner Circle Directed Operation

According to a 277-page DOJ affidavit, Sergei Kiriyenko, first deputy chief of staff in Putin’s administration and member of Putin’s inner circle, personally directed the operation. This represented one of the highest-level attributions of Russian election interference directly to Putin’s closest advisers.

Kiriyenko directed three Russian PR companies to execute the operation:

• Social Design Agency (SDA) - Primary operational entity
• Structura National Technology - Supporting organization
• ANO Dialog - Additional coordinating entity

The DOJ affidavit documented Kiriyenko’s direct involvement in promoting disinformation and state-sponsored narratives to influence the 2024 U.S. presidential election.

Scale and Persistence

Meta (Facebook’s parent company) had previously described Doppelganger as the “largest” and “most aggressively persistent” Russian-sponsored malign network they had encountered. The operation’s characteristics:

Global Reach: Targeted audiences beyond the U.S., including European countries Multi-Platform: Operated across websites, social media, and other digital channels Sustained Duration: Operated continuously from 2022 through September 2024 seizure Resource Intensive: Required significant investment in domains, content creation, and distribution

The Hydra Problem

Despite the DOJ’s September 4 domain seizures, researchers found twelve newly created replacement websites appeared within 24 hours. This demonstrated:

Operational Resilience: Russian operatives had backup domains ready for immediate deployment Persistent Intent: Seizures treated as temporary inconvenience rather than deterrent Resource Depth: Ability to quickly reconstitute operations suggested significant backing Strategic Adaptation: Learning from countermeasures to make future operations harder to disrupt

The rapid regeneration exposed limitations of domain seizures as a long-term countermeasure without broader ecosystem changes.

Context: Multi-Pronged 2024 Russian Interference

The Doppelganger domain seizures came one day before the Tenet Media DOJ indictment (September 5, 2024), revealing coordinated Russian election interference using multiple vectors:

September 4, 2024: Doppelganger fake news domains (this event) September 5, 2024: Tenet Media $10 million covert influencer funding September 13, 2024: State Department reveals RT embedded intelligence unit

This cluster of September 2024 revelations exposed a comprehensive Russian influence ecosystem far more sophisticated than understood from 2016 operations.

Significance: Putin’s Inner Circle Involvement

The DOJ affidavit’s identification of Sergei Kiriyenko—first deputy chief of staff in Putin’s administration—as personally directing the operation represented an unprecedented level of attribution:

Highest-Level Attribution: Direct connection to Putin’s closest advisers, not just intelligence services or contractors.

State Coordination: Demonstrated these weren’t rogue operations but coordinated state policy directed from the Kremlin’s top leadership.

Election Targeting: Explicit goal of influencing 2024 U.S. presidential election, showing sustained Russian focus on American electoral processes.

Multiple Companies: Coordination of three Russian PR/tech firms showed an organized industrial-scale operation.

The Fake News Ecosystem

Doppelganger represented evolution in disinformation tactics:

2016: Social media bots and trolls, fake Facebook pages 2020: More sophisticated social media operations, some website operations 2024: Industrial-scale fake news website network mimicking legitimate outlets, AI-generated content, coordinated by Putin’s inner circle

Each iteration became more sophisticated, harder to detect, and more integrated into legitimate information ecosystems.

Legal and Diplomatic Response

The DOJ action included:

• Seizure of 32 domains
• 277-page affidavit documenting operation
• Criminal charges prepared (though enforcement against Russian nationals difficult)
• Coordination with international partners to disrupt global operations

However, the rapid regeneration of replacement domains within 24 hours demonstrated that legal responses alone couldn’t eliminate the threat without broader platform and ecosystem changes.

Ongoing Threat

By the time of the September 4 seizure, Doppelganger had:

• Operated for 2+ years
• Reached millions of Americans with fake news content
• Successfully deceived some audiences into believing they were consuming legitimate journalism
• Contributed to undermining trust in actual news media

The operation’s goals extended beyond any single election to eroding American public trust in information systems generally—making future influence operations easier as audiences become unable to distinguish real from fake.

When members of Putin’s inner circle personally direct operations to create fake American news websites, using AI to generate deceptive content, and can reconstitute operations within 24 hours of law enforcement action—the scale and sophistication of Russian information warfare targeting American democracy becomes starkly apparent.

The Doppelganger operation wasn’t just about one election. It was about permanently degrading Americans’ ability to identify trustworthy information, making democratic decision-making increasingly impossible when citizens can’t agree on basic facts.