The US says it disabled malware the Russian government has allegedly been using for the past 20 years to hijack computers and steal sensitive data.
The Justice Department today announced it had disrupted the so-called “Snake” malware by securing a court order to essentially hack computers already infected with the malicious code.
An FBI-created tool was able to issue commands to existing Snake malware infections, causing the malware to "terminate the Snake application and, in addition, permanently disable the Snake malware by overwriting vital components," according to a US search warrant.
“Through a high-tech operation that turned Russian malware against itself, US law enforcement has neutralized one of Russia’s most sophisticated cyber-espionage tools,” says US Deputy Attorney General Lisa Monaco.
The US alleges that a unit within Russia’s Federal Security Service (FSB) spy agency, known as Turla, first developed Snake in 2003 to conduct cyberespionage operations across the globe. Over the years, the Kremlin has routinely upgraded the malware, which investigators blame for infiltrating US companies, research facilities, and government groups including NATO.
“As one example, FSB actors used Snake to access and exfiltrate sensitive international relations documents, as well as other diplomatic communications, from a victim in a North Atlantic Treaty Organization (NATO) country,” US cyber authorities said in their report.
In addition, the Snake malware is usually difficult to detect and can persist on a computer, despite attempts to clear the infection. “We have observed interoperable Snake implants for Windows, macOS, and Linux operating systems,” US cyber authorities said.
It