FBI corrupted long-standing Russian hacking malware



The Department of Justice announced the completion of an operation designed to disrupt sophisticated malware used by Russian operatives for nearly two decades.

A unit within Center 16 of the Federal Security Service of the Russian Federation has used versions of the “Snake” malware to steal sensitive information from hundreds of computers in at least 50 countries for nearly 20 years. But the FBI’s Operation MEDUSA disabled the Snake malware on compromised computers through the use of an FBI-created tool known as PERSEUS, according to a DOJ press release. PERSEUS issued commands to force the Snake malware to overwrite its own components.


The FSB spies behind the malware are part of a notorious hacking group known as “Turla.”

“The Justice Department, together with our international partners, has dismantled a global network of malware-infected computers that the Russian government has used for nearly two decades to conduct cyber-espionage, including against our NATO allies,” Attorney General Merrick Garland said. “We will continue to strengthen our collective defenses against the Russian regime’s destabilizing efforts to undermine the security of the United States and our allies.”

The U.S. has investigated Snake and related malware tools for nearly 20 years, but Turla has gone to great lengths to upgrade, revise and selectively deploy the malware, which remains on a compromised device indefinitely and often undetected.


The FBI and the intelligence community worked with foreign allies to monitor Snake’s exfiltration of data from compromised devices “by routing the transmission of these stolen data through unwitting Snake-compromised computers in the United States,” per the DOJ’s release.

“For 20 years, the FSB has relied on the Snake malware to conduct cyberespionage against the United States and our allies — that ends today,” Assistant Attorney General Matthew Olsen, of the Justice Department’s National Security Division, said. “The Justice Department will use every weapon in our arsenal to combat Russia’s malicious cyber activity, including neutralizing malware through high-tech operations, making innovative use of legal authorities, and working with international allies and private sector partners to amplify our collective impact.”

© 2023 Washington Examiner
