Taxis drive past the headquarters of Russia’s Federal Security Service (FSB) in central Moscow on May 12, 2022.

Natalia Kolesnikova | AFP | Getty Images

The FBI disrupted a Russian government-controlled malware network that compromised hundreds of computers belonging to the governments of NATO members and other Russian targets of interest, including journalists, the Justice Department said Tuesday.

The deactivation effort, named Operation Medusa, removed the malware on or around May 8.

A unit within Russia’s Federal Security Bureau, the successor to the Soviet Union’s KGB, developed and deployed malware codenamed Snake dating back to 2004, according to a federal search warrant application. The unit, called Turla, used the malware to selectively target high-value devices used by foreign ministries and allied governments.

The software was able to record every keystroke made by the victim, an ability known as keylogging, and send it back to Turla’s control center.

In at least one case, Turla used the Snake malware to infiltrate the personal computer of a US media journalist, who was reporting on the Russian government.

The Justice Department described Snake as “Russia’s long-standing cyber-espionage malware.” Disabling the malware was part of US law enforcement efforts to protect victims around the world.

“We will continue to strengthen our collective defenses against the Russian regime’s destabilizing efforts to undermine the security of the United States and our allies,” Attorney General Merrick Garland said in a statement.

Snake’s targeted capabilities fed Russian intelligence vast amounts of information until US law enforcement took down the network on Monday.

Snake was also able to snoop on and compromise a victim’s online activity, inserting itself into data that the victim’s computer sent over the Internet. The Turla malware was able to operate effectively undetected by victims for nearly two decades, even while federal law enforcement monitored and tracked the Russian intelligence unit behind Snake.

Federal researchers and counterintelligence agents were able to reverse engineer Snake and build software that would disable the malware. The program was codenamed Perseus and was deployed in a synchronized process earlier this week in cooperation with other foreign governments.

“Through a high-tech operation that turned Russian malware against itself, US law enforcement authorities neutralized one of Russia’s most sophisticated cyber-espionage tools, used over two decades to advance Russia’s authoritarian goals,” Deputy Attorney General Lisa Monaco said in a statement.
