The US dismantled one of the main Russian online spy tools

A person uses a laptop, in a file photograph. EFE/Sascha Steinbach

The FBI reported Tuesday that they dismantled a complex Russian cyber-espionage operation allegedly used for some 20 years to steal confidential materials from the US government and its allies.

Officials described the Russian operation as one of the country’s most powerful cyber espionage tools. The FBI said the agency has been investigating the network for nearly as long as it has been in operation, but executed a court-authorized search warrant just this week to remotely impede Russian malware.

According to federal officials, computer-savvy authorities had to surreptitiously develop their own cyber infrastructure to interact with and disrupt the malware, which the Russians constantly updated and modified.

The US government, which coordinated its investigative activities with foreign governments, also had to schedule the execution of the search warrant to gain access to the affected computers and simultaneously prevent the Russians from reacting and thwarting the operation.

“Through a high-tech operation that turned Russian malware against it, US law enforcement has neutralized one of Russia’s most sophisticated cyber-espionage tools, used for two decades to further Russia’s authoritarian goals,” said Deputy Attorney General Lisa Monaco in a press release.

The FBI said the malware, known as “Snake,” was developed and operated by the Federal Security Service, the main security agency of the Russian government, known by the acronym FSB.

File photo. The FBI logo on an agent’s jacket during a raid in the Manhattan borough of New York City, United States, October 19, 2021. REUTERS/Carlo Allegri

The Russians allegedly used the malware to steal sensitive information from computer systems in at least 50 countries and to spy on journalists and other Russian “targets of interest,” Justice Department and FBI officials said. Russian operators allegedly stole the materials and routed them through American computers that had been infected with the malware in an attempt to avoid detection.

The US government launched “Operation Medusa” to covertly disable Snake, authorities said. The FBI did this by creating a cyber tool called “Perseus,” which essentially used encryption to force the Snake malware to overwrite itself.

“Today, Snake is the FSB’s main long-term cyber-espionage malware implant,” said an FBI affidavit in support of a search warrant unsealed this week in the Eastern District of New York. “More importantly, the worldwide collection of compromised computers acts as a covert peer-to-peer network, using custom communication protocols designed to hamper monitoring and collection efforts by adversary signals intelligence services.”

The investigation included asking a New York judge for permission to remotely access computers in multiple jurisdictions and then remotely seizing data stored on these computers to counter Russian malware.

US officials have used this law allowing remote access, known as Rule 41, to crack down on other cyber-espionage operations abroad.

(c) 2023, The Washington Post
