The FBI Disrupted the Cyberspyware “Snake” that the Russian FSB Used for 20 Years

FSB cyberspyware

The US Federal Bureau of Investigation on Tuesday reported the disruption of a massive spying program by the Russian Federal Security Service (FSB) using cyberspyware codenamed “Snake”.

This is stated in a press release from the US Department of Justice.

Let me remind you that we also talked about the fact that Europe’s largest private hospital operator Fresenius was attacked with an eponymous Snake ransomware. Don’t be confused – now we talk about a completely different malware.

Matthew J. Olsen
Matthew J. Olsen

US law enforcers believe that the spy tool was used by the hacker unit of the 16th FSB center, codenamed “Turla” for almost 20 years. We also reported that Fake DDoS App from Turla Targets Pro-Ukrainian Hacktivists.

For 20 years, the FSB has relied on the Snake malware for cyber espionage against the United States and our allies – that ends today.said Assistant Attorney General Matthew J. Olsen of the Justice Department's Homeland Security Division.

The Snake program was designed to steal confidential documents from hundreds of computer systems in at least 50 countries that belonged to the governments of NATO member countries, in particular the United States, as well as journalists and other persons of interest to the Russian Federation.

Russia used sophisticated malware to steal sensitive information from our allies, laundering it through a network of infected computers in the United States in a cynical attempt to conceal their crimes. Meeting the challenge of cyberespionage requires creativity and a willingness to use all lawful means to protect our nation and our allies.said U.S. Attorney Breon Peace for the Eastern District of New York.

To eliminate the “Snake”, the FBI developed an operation code-named “Medusa“. Within its framework, the spy application was forced to rewrite its own code, which disabled it. A senior FBI official said the Bureau’s tool was only designed to communicate with Russian spyware.

He speaks the Snake language and communicates using Snake’s custom protocols without accessing the victim’s private files.the official said.

At a briefing ahead of the announcement, a US official involved in the operation called the Snake the “prime tool” of Russia’s cyber-espionage, Reuters reported.He expressed the hope that as a result of the liquidation of the program, Moscow could be “eradicated from the virtual battlefield.”

The media also reported that the FBI and NSA discovered Drovorub malware, created by Russian Intelligence services.

By Vladimir Krasnogolovy

Vladimir is a technical specialist who loves giving qualified advices and tips on GridinSoft's products. He's available 24/7 to assist you in any question regarding internet security.

Leave a comment

Your email address will not be published. Required fields are marked *