DOCUMENTING HYBRID WARFARE / — incidents / UPDATED LATEST: 
Sabotage Watch SABOTAGEWATCHHybrid Threat Monitor
Disinformation/Interference

Russian prankster impersonating Macron called Poland’s President Duda after Przewodów blast

22 November 2022 · Warsaw, Poland
Satellite Imagery © Esri

What happened

On 15 November 2022, hours after a missile struck the village of Przewodów in eastern Poland near the Ukrainian border, killing two people, Polish President Andrzej Duda took a telephone call from someone purporting to be French President Emmanuel Macron. The call, conducted in English, lasted roughly seven and a half minutes. The caller was in fact a Russian prankster, reportedly Vladimir Kuznetsov, known as Vovan, impersonating Macron with a French accent. During the conversation Duda discussed the blast, noting the missile appeared to be Russian-produced but of unclear origin, said he did not want to blame Russia prematurely, and spoke of consultations including the possible invocation of NATO's Article 4.

A recording of the call was subsequently posted online by the Russian prankster duo Vovan and Lexus (Vladimir Kuznetsov and Alexei Stolyarov). Duda's office confirmed the call's authenticity, stating that the president realised from the unusual manner in which the interlocutor conducted the conversation that there might be a fraud attempt and ended the call. The presidency said it had launched checks into how the caller had circumvented security procedures. It was at least the second time the duo had reached Duda, having previously impersonated UN Secretary-General António Guterres in 2020.

Assessment

The episode fits a recurring pattern of Russia-linked prank operations targeting Western and allied leaders, designed to extract candid remarks and embarrass officials during moments of crisis. Releasing the recording shortly after the Przewodów blast, a tense moment for NATO, served an information-operations purpose, amplifying narratives about Western disarray and Duda's caution over attribution. Vovan and Lexus deny working for the Kremlin, and a direct state tasking is not publicly established; their output nonetheless consistently aligns with Russian messaging interests. The breach also exposed a security and verification lapse in routing high-level calls.

This dossier summarises open-source reporting and is updated as the investigation develops. Read the original report via the source link.