FBI Claims to Have Sabotaged Hacking Tool Created by Russian Spies

‘The purpose of Snake was to collect sensitive intelligence from high-priority targets such as government networks, research facilities and journalists,’ the advisory from the Canadian Centre for Cyber Security said

Published May 09, 2023

The FBI has sabotaged a suite of malicious software used by elite Russian spies, U.S. authorities said on Tuesday.

In a joint cybersecurity advisory, the Canadian Centre for Cyber Security released an alert intended for IT professionals and “managers of notified organizations” warning them of a cyber espionage tool named “Snake.”

The malware “has been used globally by a malicious cyber actor with infrastructure being identified in over 50 countries across North America, South America, Europe, Africa, Asia and Australia,” the statement said.

“The purpose of Snake was to collect sensitive intelligence from high-priority targets such as government networks, research facilities and journalists,” it continued.

The centre joined security partners from U.S. agencies, the Australian Cyber Security Centre (ACSC), New Zealand’s National Cyber Security Centre (NCSC-NZ) and the United Kingdom’s National Cyber Security Centre (NCSC-UK).

Russian diplomats did not immediately return a message seeking comment. Moscow routinely denies carrying out cyberespionage operations.

U.S. officials spoke to journalists on Tuesday ahead of the news release on condition that they not be named. Similar announcements revealing the cyber disruption effort against Russia’s Federal Security Service (FSB) were made by security agencies in the U.K., Australia and New Zealand.

An official said the FSB spies behind the malware are part of a notorious hacking group tracked by the private sector and known as “Turla.”

The group has been active for two decades against a variety of NATO-aligned targets, U.S. government agencies and technology companies, a senior FBI official said.

Turla is widely considered one of the most sophisticated hacking teams studied by the security research community.

“They have persisted in the shadows by focusing on stealth and operational security,” said John Hultquist, vice president of threat analysis at U.S. cybersecurity company Mandiant. “They are one of the hardest targets we have.”

The U.S. government dubbed the disruption of Turla’s Snake malware “Operation Medusa.” The FBI and its partners identified where the hacking tool had been deployed across the internet and built a unique software “payload” to disrupt the hackers’ infrastructure.

The FBI relied on existing search warrant authorities to remotely access the Russian malicious program within victim networks in the U.S. and sever its connections.

The senior FBI official said the Bureau’s tool was designed only to communicate with the Russian spy program. “It speaks Snake, and communicates with Snake’s custom protocols” without accessing the victim’s personal files, the official said.

With additional files from Reuters
