Operation Medusa Took Down Russia's Snake Cyber Espionage Network

Twitter hacker PlugWalkJoe pleads guilty, Microsoft patches at least four dozen vulnerabilities, Oz's TechnologyOne suspends trading after attack, Capita warns of $25m hit, much more

Image by nightowl from Pixabay

The Justice Department unsealed an affidavit that revealed a joint operation among the FBI and the US Attorney’s Office for the Eastern District of New York code-named Medusa that disrupted the foremost cyber espionage tool of the Russian government called Snake deployed by a unit within Center 16 of the Federal Security Service of the Russian Federation (FSB) known as Turla.

For nearly 20 years, Turla used versions of the Snake malware to steal sensitive documents from hundreds of computer systems in at least 50 countries belonging to North Atlantic Treaty Organization (NATO) member governments, journalists, and other targets of interest to the Russian Federation. After stealing these documents, Turla exfiltrated them through a covert network of unwitting Snake-compromised computers in the United States and worldwide. 

Snake allows its Turla operators to remotely deploy selected malware tools to extend Snake’s functionality to identify and steal sensitive …