DOJ disrupts massive Russian cyberespionage network

by ian

The United States disabled a long-running Russian cyberespionage network used to steal sensitive information from 50 different countries.

Russia’s chief intelligence unit used malware known as “Snake” to target NATO member governments, journalists, and other targets of interest. The spyware covertly sent stolen documents back to operators through a global network of infected computers.

Russia used the tool successfully for twenty years. But the FBI learned to decrypt Snake communications. A district court then authorized Operation Medusa, enabling the U.S. to remotely rewrite the malware’s code on infected computers. The global network is now disrupted.

Deputy Attorney General Lisa Monaco said, “Through a high-tech operation that turned Russian malware against itself, U.S. law enforcement has neutralized one of Russia’s most sophisticated cyber-espionage tools, used for two decades to advance Russia’s authoritarian objectives.”

The Department of Justice is now notifying victims so they can take additional steps to patch security weaknesses the malware exploited.