Operation No Bell
Operation No Bell is a Russian influence operation described by OpenAI in February 2026. According to the provided content, the actor used ChatGPT to generate and edit social media content and long-form articles focused on geopolitical issues in sub-Saharan Africa. The operation placed 53 articles on various African news sites under the fake byline "Dr Manuel Godsin," presented as a fictitious PhD from the University of Bergen. Example themes included advocating that the president of Angola win the Nobel Peace Prize and accusing Western leaders of targeting South Africa with disinformation. The actor attempted to reduce suspicion of AI-generated content by prompting ChatGPT to write in the style of a human journalist and by removing em dashes from final text. OpenAI assessed the prompts used in this operation were not objectively malicious on their face and banned the associated accounts after discovery. Known alias in the provided content: operation_no_bell.
Know when an actor pivots toward your sector
Mallory correlates actor tradecraft and target patterns against your stack, your sector, and your geography. See overlap before they land.
Targeting
Who, where, and (when attributed) which flag flies behind the operation. Pulled from open-source reporting and Mallory's analyst review.
Where they're from
Attributed origin per open-source reporting.
- RU
Recent activity
1 sources tracked across advisories, community write-ups, and news. New activity surfaces here as Mallory finds it.
The version that knows your environment.
Match sector + geo + tech-stack targeting against your real footprint.
Every observed MITRE ATT&CK technique, grouped by tactic.
Families this actor is known to deploy, with IOCs and behavior.
CVEs this actor has used in known campaigns.
YARA, Sigma, Snort, and vendor rules, auto-deployed to your SIEM.
Domains, IPs, and hashes tied to this actor, refreshed continuously.