The Department of Justice announced Tuesday it had dismantled a 20-year-old Russian malware network.
The so-called “Snake” malware was used by a unit within the Kremlin’s FSB intelligence service. The FBI operation was dubbed “MEDUSA.”
“For nearly 20 years, this unit, referred to in court documents as ‘Turla,’ has used versions of the Snake malware to steal sensitive documents from hundreds of computer systems in at least 50 countries,” the DOJ said in a statement.
The statement goes on to say the malware had targeted software belonging to NATO member governments, journalists, and “other targets of interest to the Russian Federation.”
After stealing the targeted documents, the DOJ said the network “exfiltrated them through a covert network of unwitting Snake-compromised computers in the United States and around the world.”
The DOJ called Snake “premier cyber espionage malware” for the FSB, stating that it has now been “neutralized.”
The bust comes just over two months after the White House unveiled a new cybersecurity strategy urging tighter regulation of existing practices and stronger collaboration between the government and private sector, meant to target hacking by domestic and foreign cybercriminals.
According to FBI officials, the Snake network was operational up until the federal U.S. bust. The FBI is now working with global partners to ensure the Russian malware network remains defunct.
According to Statista, in 2022 there were a total of some 5.5 billion malware attacks worldwide, an increase of 2% from the previous year—but just more than half the record number of 10.5 billion malware attacks perpetrated in 2018.
