The US Federal Bureau of Investigation on Tuesday reported the disruption of a massive spying program by the Russian Federal Security Service (FSB) using cyberspyware codenamed “Snake”.
This is stated in a press release from the US Department of Justice.
Let me remind you that we also talked about the fact that Europe’s largest private hospital operator Fresenius was attacked with an eponymous Snake ransomware. Don’t be confused – now we talk about a completely different malware.
US law enforcers believe that the spy tool was used by the hacker unit of the 16th FSB center, codenamed “Turla” for almost 20 years. We also reported that Fake DDoS App from Turla Targets Pro-Ukrainian Hacktivists.
The Snake program was designed to steal confidential documents from hundreds of computer systems in at least 50 countries that belonged to the governments of NATO member countries, in particular the United States, as well as journalists and other persons of interest to the Russian Federation.
To eliminate the “Snake”, the FBI developed an operation code-named “Medusa“. Within its framework, the spy application was forced to rewrite its own code, which disabled it. A senior FBI official said the Bureau’s tool was only designed to communicate with Russian spyware.
At a briefing ahead of the announcement, a US official involved in the operation called the Snake the “prime tool” of Russia’s cyber-espionage, Reuters reported.He expressed the hope that as a result of the liquidation of the program, Moscow could be “eradicated from the virtual battlefield.”
The media also reported that the FBI and NSA discovered Drovorub malware, created by Russian Intelligence services.