Hatemail 2020-11-05: Election Results Settle, Disinformation Campaigns Heat Up

Newsletter and intel from the LaBac Hacker Collective

We are currently monitoring several online and physical movements that pose a risk to the integrity of poll counting operations in the battleground states of Pennsylvania, Michigan, Nevada, and Arizona.

The false narrative that Democrats are attempting to steal the election is captured in the hashtag "#StopTheSteal." The hashtag emerged in force at 9:25pm EST, receiving momentum from the President Donald Trump’s Twitter and GOP-aligned accounts. Here are a few snapshots of the developing campaign:

Above, a visualization run on Hoaxy of the propagation and engagement on Twitter of the “#StopTheSteal” hashtag.

Above, a chart we compiled of the top Twitter users tweeting the “#StopTheSteal” hashtag.

This tweet from @hollandcourtney is a call to action for Trump supporters to rally the Clark County election office in Nevada. Similar gatherings are occurring right now in Maricopa County, Arizona, and Detroit, Michigan.

A video from OAN posted on YouTube yesterday gives some insight into a dangerous narrative emerging on the far-right, claiming that Democrats and anti-fascists will use violence to stop a Trump victory that has been “stolen”.


Overall, the majority of false information posted to Twitter and Facebook in the past 24 hours has been countered with quick coverage and platform-issued flags. It seems YouTube has employed a less active strategy, which is somewhat surprising given the reputation the platform has had for hosting radicalizing content.

How Technology Can Shape the COVID-19 Recovery for Racial and Gender Equity (Wednesday, November 18 - 7pm EST) - The founder of community tech group Silicon Harlem is a panelist in this fundraising event for NYC Councilmember Kallos. [Kallos NYC]

S.T.O.P. x RadTech: Data & Social Justice Webinar (Thursday, November 5 - 12pm EST) -EFF-sponsored group STOP is hosting this event with Dr. Seeta Peña Gangadharan, an organizer and an activist whose work addresses policies and practices related to digital inclusion, privacy, and big data. [RSVP]

Election Disruption and Misinformation

  • [CNN] [The Washington Post] [BuzzFeed] The Trump Administration is both perpetuating and (meekly) combating election-related disinformation. (But mostly perpetuating). Yesterday, the Department of Homeland Security said it observed Twitter accounts impersonating news outlets and prematurely calling election results. The director of the Cybersecurity and Infrastructure Security Agency (CISA), Chris Krebs, tweeted a warning about the accounts. Twitter told CNN that several accounts had been banned for impersonating news outlets, though it has not witnessed large-scale attempts of media impersonation. 

    Meanwhile, since Tuesday, Trump has made several misleading, false, and outright alarming statements pertaining to the election results — truly testing how social media platforms are handling election disinformation. Twitter has flagged several of Trump’s tweets since the polls closed with contextual labels, particularly on tweets in which Trump has tried to claim victory in uncalled races or made accusations of election fraud. On Wednesday, Democratic lawmakers called on Twitter to suspend Trump’s personal account because of the sheer amount of disinformation the profile is spewing. 

  • [CNBC] On Monday, CNBC reported that Russian-backed social media accounts boosted QAnon content and conspiracy theories online as early as November 2017, effectively “nurturing” the QAnon narrative in its infancy. Georgia just voted in a QAnon supporter to Congress. 

  • [Observatory on Social Media] [BuzzFeed] The Observatory on Social Media (OSoMe) — a joint project of Indiana University, Network Science Institute, and the Center for Complex Networks and Systems Research — has put together a collection of misinformation tools, including a social media information-visualizer, bot detection software, and a media literacy teaching game. While you’re at it, check out this running list of false and misleading information about the election. 

Right-Wing Intimidators Out and About —

  • [ACLED] The Armed Conflict Location & Event Data Project (ACLED), a data collection and crisis mapping project, recently released an analysis on right-wing militia groups and other armed non-state actors. The report concludes that these groups pose a serious threat to voters and the election. 

  • [Reuters] Yesterday, the voting tally at the TCF Center in Detroit erupted into brief chaos as angry Republican poll watchers and poll challengers were barred from entering a count room that had reached capacity. Democratic poll watchers and poll challengers were barred as well. 

  • [PoliticusUSA] On Tuesday, the first day of absentee ballot processing at the Detroit TCF Center, two poll challengers were removed. Both challengers were removed for violating Covid-19 policies (one was wearing a plastic horror-movie mask and the second refused to cover their nose). The individual wearing the horror-moving mask was reportedly using racist language and causing general disruption.   

— And Right-Wing Militias Online.

  • [Unicorn Riot] Citizen journalist group Unicorn Riot has long monitored and cataloged far-right extremist groups and the chats where they communicate. This latest dump gives a peek into PatriotFront, a dangerous and media-driven white supremacist group known for their ability to produce far-right propaganda and distribute it on a national scale at physical locations.

  • [MilitiaWatch] [WYNC] MilitiaWatch and WNYC have an interesting look into Zello, an push-to-talk app that has attracted a significant far-right and extremist user base. The MilitiaWatch research has a particularly interesting graph analysis of several militia’s members and engagement.

  • [The Intercept] Last Friday, the House Committee on Oversight and Reform Chair Rep. Carolyn Maloney issued a memo announcing her intent to subpoena CBP for documents related to a secret social media Facebook group containing derogatory content that was used and maintained by agency personnel.

On Our Radar…

  • [Wired] The anxiety this week started quickly and brutally, as hundreds of hospitals around the country were hit with coordinated ransomware attacks right when Covid-19 cases started to spike across the country.

  • [The Guardian] Isentia is an Australian-based social media monitoring company whose customers include major corporations and government agencies. Similar to other waves of attacks in the United States, Isentia was recently hit with a ransomware attack that encrypted corporate computers and systems.

Hate speech website: mymilitia[.]com

Who hosts: Cloudflare, TierNet

Today’s site is mymilitia[.]com. The site functions as a forum for weapons advice, training, and a social network for local militia operations. VICE News has previously characterized the site as "Amazon for people on the fringe," and the site continues to be an outlet for conspiracy theories, fringe and radical viewpoints.

MyMilitia uses Cloudflare to protect and disguise their infrastructure. However, we have previously observed the website to be hosted on TierNet infrastructure, with the IP 208.87.30[.]154.