FBI takes down FSB network that attacked allies, journalist computers


A taxi drives past the headquarters of Russia’s Federal Security Service (FSB) in central Moscow on May 12, 2022.

Natalia Kolesnikova | AFP | Getty Images

The FBI disrupted a Russian government-controlled malware network that compromised hundreds of computers belonging to NATO member governments and other targets of Russian interest, including journalists, the Justice Department said Tuesday.

The sabotage effort, dubbed Operation Medusa, took the malware offline around May 8.

A unit of Russia’s FSB, successor to the Soviet-era KGB, developed and deployed malware code-named Snake as early as 2004, according to a federal search warrant application. The unit, known as Turla, uses the malware to selectively target high-value equipment used by foreign ministries and governments of allied nations.

The software was able to record every keystroke a victim made, a capability known as keylogging, and send it back to Turla’s control center.

In at least one case, Turla used the Snake malware to infiltrate a PC belonging to a reporter at a US media outlet who reported on the Russian government.

The Justice Department called Snake Russia’s “premier long-running cyber-espionage malware.” Destroying malware is part of U.S. law enforcement efforts to protect victims around the world.

“We will continue to strengthen our collective defenses against the Russian regime’s destructive efforts to undermine the security of the United States and our allies,” Attorney General Merrick Garland said in a statement.

Snake’s targeting capabilities provided Russian intelligence with a wealth of information until U.S. law enforcement shut down the network on Monday.

Snake is also capable of snooping on and disrupting a victim’s Internet activity, inserting itself into the data the victim’s computer sends online. Turla’s malware was able to operate effectively undetected by victims for nearly 20 years, even as federal law enforcement was monitoring and hunting down the Russian intelligence services behind Snake.

Federal researchers and counterintelligence agents were able to reverse engineer Snake and build software that would disable the malware. The software, code-named Perseus, was deployed simultaneously with the cooperation of other foreign governments earlier this week.

“Through a high-tech operation that turned Russian malware against itself, U.S. law enforcement has neutralized Russia’s most sophisticated network,” Deputy Attorney General Lisa Monaco said in a statement, “one of the tools of espionage that has been used for 20 years to advance Russia’s authoritarian goals.”
