US takes down Russian malware network allegedly linked to FSB
Justice Department disables 'network of malware-infected computers' used by Russia for 20 years, says Merrick Garland
By Michael Hernandez
WASHINGTON (AA) - The US and allied nations have "neutralized" a 20-year-old Russian malware network allegedly linked to Russia's Federal Security Service (FSB), the Justice Department announced Tuesday.
The Snake malware was used by an FSB unit known as "Turla," which used it to steal sensitive information from targets worldwide, including NATO member states, journalists and targets within Russia, according to court documents.
"Operation Medusa" resulted in the disabling of the malware's commands used to overwrite its "vital components," said the Justice Department.
“The Justice Department, together with our international partners, has dismantled a global network of malware-infected computers that the Russian government has used for nearly two decades to conduct cyber-espionage, including against our NATO allies,” Attorney General Merrick Garland said in a statement.
“We will continue to strengthen our collective defenses against the Russian regime’s destabilizing efforts to undermine the security of the United States and our allies," he added.
The Justice Department said FSB agents located at a facility in Ryazan, Russia operated Snake for two decades during which Turla repeatedly upgraded the malware and "selectively deployed it" to ensure Snake remained “Turla’s most sophisticated long-term cyberespionage malware implant."
The malware is capable of running on a device indefinitely unless it is detected and disrupted, and the FBI determined it is capable of staying on a device even if a user attempts to delete it.
In addition to serving as a venue through which data can be collected, Snake creates "a covert peer-to-peer network" of infected machines that use "customized communication protocols designed to hamper detection, monitoring, and collection efforts by Western and other signals intelligence services," said the Justice Department.
The US and four other nations issued a joint cybersecurity advisory with detailed information on Snake to help cybersecurity professionals find and eliminate the malware from victims' computers.
Kaynak:
This news has been read 135 times in total
Türkçe karakter kullanılmayan ve büyük harflerle yazılmış yorumlar onaylanmamaktadır.