U.S. Government Neutralizes Russia's Most Sophisticated Snake Cyber Espionage Tool
The U.S. government on Tuesday announced the court-authorized disruption of a global network compromised by an advanced malware strain known as Snake, wielded by Russia's Federal Security Service (FSB).
Snake, dubbed the "most sophisticated cyber espionage tool," is the handiwork of a Russian state-sponsored group called Turla, which the U.S. government attributes to a unit within Center 16 of the FSB. The threat actor has a track record of heavily focusing on entities in Europe, the Commonwealth of Independent States, and countries affiliated with NATO, with recent activity expanding its footprint to incorporate Middle Eastern nations deemed a threat to countries supported by Russia in the region.
"For nearly 20 years, this unit has used versions of the Snake malware to steal sensitive documents from hundreds of computer systems in at least 50 countries, which have belonged to North Atlantic Treaty Organization member governments, journalists, and other targets of interest to the Russian Federation," the Justice Department said.
Snake, according to an advisory released by the U.S. Cybersecurity and Infrastructure Security Agency, is designed as a covert tool for long-term intelligence collection on high-priority targets, enabling the adversary to create a peer-to-peer network of compromised systems across the world.
What's more, several systems in the P2P network served as relay nodes to route disguised operational traffic to and from Snake malware implanted on FSB's ultimate targets, making the activity challenging to detect.
Infrastructure associated with the Kremlin-backed group has been identified in over 50 countries across North America, South America, Europe, Africa, Asia, and Australia, although its targeting is assessed to be more tactical, encompassing government networks, research facilities, and journalists.
News URL
https://thehackernews.com/2023/05/us-government-neutralizes-russias-most.html