US takes down Russian FSB’s sophisticated global malware network

Photo Courtesy of Bangkok Post

The US Justice Department announced yesterday that it had successfully dismantled a “sophisticated” malware network, known as “Snake” or “Uroburos”, that had been utilized by Russia’s FSB intelligence agency for two decades. This highly advanced cyber-espionage tool allowed the FSB to secretly spy on target computer systems in 50 countries, focusing on government networks, research facilities, journalists, and other high-value targets, according to US officials.

In the process of the operation lasting several years, the FBI was able to defeat the Snake malware by injecting its own computer code that forced the malware to overwrite itself. Deputy Attorney General Lisa Monaco praised the operation, stating that it had “neutralized” one of Russia’s most sophisticated cyber-espionage tools, used for two decades to advance Russia’s authoritarian objectives.”

Advertisements

The FSB began developing the Snake malware in 2003, and it has been recognized by CISA, the US cyber defense agency, as “the most sophisticated cyber espionage tool in the FSB’s arsenal.” It is incredibly stealthy, making it extremely challenging to detect in computer systems and network traffic. Snake is highly adaptable, designed for effortless updating and modification, and has very few bugs considering its complexity.

These features allowed the FSB to operate undetected for years, infiltrating sensitive documents via computer systems with extensive host networks. CISA revealed that, in at least one instance, Snake was able to infiltrate an unnamed NATO country, granting Russian intelligence access to sensitive international relations documents and diplomatic communications.

Related news

The FBI’s sophisticated countermeasure, which they named Perseus, successfully rendered the Russian malware ineffective. By establishing communication sessions with the Snake malware implant on a specific computer, Perseus was able to issue commands that rendered the Snake implant inoperable, without damaging the host computer or its legitimate applications, reports Bangkok Post.

Despite the success of the Perseus implant, cybersecurity authorities from the United States, Canada, Britain, Australia, and New Zealand issued a joint advisory on Tuesday, cautioning that the Snake malware still poses a significant threat.

World News

Jenn

With a Bachelor's Degree in English, Jenn has plenty of experience writing and editing on different topics. After spending many years teaching English in Thailand, Jenn has come to love writing about Thai culture and the experience of being an ex-pat in Thailand. During long holidays, she travels to North of Thailand just to have Khao Soi!

Related Articles