EU DisinfoLab Uses Historical WHOIS Data to Cast a Light on Indian Chronicles
EU DisinfoLab is a nonprofit organization that conducts in-depth research and investigations on sophisticated disinformation actors across all platforms. EU DisinfoLab leads several projects in the area of fake media detection and works with other organizations to create fact-checking tools, track infodemic footprints, measure the virality of hoaxes, and investigate disinformation campaigns.
EU DisinfoLab aims to uncover disinformation trends, expose campaigns, and raise awareness surrounding issues relevant to disinformation. All these align with their vision of creating a society where citizens understand informational contexts and are less susceptible to manipulation.
One of EU DisinfoLab’s most successful research projects, the investigation of Indian Chronicles, brought to light a disinformation operation that began in 2006. WhoisXML API’s WHOIS footprints played a role in the completion of this investigation.
A Closer Look at the Indian Chronicles Investigation
EU DisinfoLab researchers extensively investigated a vast network of fake media outlets targeting different nations. The disinformation activities seemed to serve Indian interests, which is why EU DisinfoLab named the investigation “Indian Chronicles.”
The fake media outlets had the complete outfit—social media accounts, legitimate-looking domains, and substantial website content. Aside from impersonating regular media sites, they would also take on the identities of dead personalities and decommissioned nongovernment organizations (NGOs).
Based on the intricate details they uncovered, EU DisinfoLab identified the impact of the 15-year-old disinformation campaign as category 6, the highest classification, which means its agenda has drawn out responses from the country’s policymakers or incited hostility aimed at the target.
According to EU DisinfoLab, “Our investigation relied heavily on the analysis of websites and domain names, rather than online platforms. Much of what we uncovered could be done thanks to website domain names registration history, and because many websites of Indian Chronicles were created at a time when malicious actors were less concerned with privacy.”
EU DisinfoLab’s efforts to untangle disinformation networks and expose relevant campaigns are close to WhoisXML API’s vision of a transparent and secure Internet.
In the words of WhoisXML API CEO Jonathan Zhang, “Regardless of whom disinformation campaigns target, they are a digital threat and prevalent form of DNS abuse. Stopping such activities requires thorough investigations, and domain name information is critical to support extensive discovery and contextualization of this category of threat actors.”
—
EU DisinfoLab concluded the research with a call for policymakers to broaden the discussion on data transparency to include domain name information, as this is critical when investigating malicious domains. Additionally, the domain name industry is urged to consider the use of domains in disinformation campaigns as technical abuse of the Domain Name System (DNS).
Please don’t hesitate to contact us for inquiries and proposals for joint research and investigations.
See other success stories