FBI disrupts long-running Russian ‘Snake’ malware network
The court-sanctioned operation, codenamed ‘Medusa,’ used an FBI-created tool named PERSEUS, which issued commands that caused the Snake malware to overwrite its own vital components.
US officials announced that the FBI hacked and successfully disrupted a long-running Russian cyberespionage operation run by Turla, a unit within Russia’s Federal Security Service (FSB).
The US Department of Justice and an international law enforcement coalition have alleged that Turla had been using a malware called ‘Snake’ since 2004 to steal sensitive information from hundreds of computer systems in at least 50 countries across North America, South America, Europe, Africa, Asia, and Australia. The stolen material would then be exfiltrated through a network of Snake-compromised computers.
A joint Cybersecurity Advisory (CSA) by several US government agencies and their global counterparts provides background on Snake’s attribution to the FSB and detailed technical descriptions of the implant’s host architecture and network communications.