From: lessgovt@gmail.com   
      
   U.S. Says It Dismantled Russia’s ‘Most Sophisticated’ Malware Network   
   By Charlie Savage, May 9, 2023, NY Times   
   WASHINGTON — The United States and its allies have dismantled a major   
   cyberespionage system that it said Russia’s intelligence service had used   
   for years to spy on computers around the world, the Justice Department   
   announced on Tuesday.   
      
   In a separate report, the Cybersecurity and Infrastructure Security Agency   
   portrayed the system, known as the “Snake” malware network, as “the most   
   sophisticated cyberespionage tool” in the Federal Security Service’s   
   arsenal, which it has used    
   to surveil sensitive targets, including government networks, research   
   facilities and journalists.   
      
   The Federal Security Service, or F.S.B., had used Snake to gain access to and   
   steal international relations documents and other diplomatic communications   
   from a NATO country, according to CISA, which added that the Russian agency   
   had used the tool to    
   infect computers across more than 50 countries and inside a range of American   
   institutions. Those included “education, small businesses and media   
   organizations, as well as critical infrastructure sectors including government   
   facilities, financial    
   services, critical manufacturing and communications.”   
      
   Top Justice Department officials hailed the apparent demise of the malware.   
      
   “Through a high-tech operation that turned Russian malware against itself,   
   U.S. law enforcement has neutralized one of Russia’s most sophisticated   
   cyberespionage tools, used for two decades to advance Russia’s authoritarian   
   objectives,” Lisa O.    
   Monaco, the deputy attorney general, said in a statement.   
      
   In a newly unsealed 33-page court filing from a federal judge in Brooklyn, a   
   cybersecurity agent, Taylor Forry, laid out how the effort, called Operation   
   Medusa, would take place.   
      
   The Snake system, the court documents said, operated as a “peer to peer”   
   network that linked together infected computers around the world. Leveraging   
   that, the F.B.I. planned to infiltrate the system using an infected computer   
   in the United States,    
   overriding the code on every infected computer to “permanently disable”   
   the network.   
      
   The American government had been scrutinizing Snake-related malware for nearly   
   two decades, according to the court filings, which said that a unit of the   
   F.S.B. known as Turla had operated the network from Ryazan, Russia.   
      
   Even though cybersecurity experts identified and described the Snake network   
   over the years, Turla kept it operational through upgrades and revisions.   
      
   The malware was difficult to remove from infected computer systems, officials   
   said, and the covert peer-to-peer network sliced and encrypted stolen data   
   while stealthily routing it through “numerous relay nodes scattered around   
   the world back to Turla    
   operators in Russia” in a way that was hard to detect.   
      
   The CISA report said Snake was designed in a way that allowed its operators to   
   easily incorporate new or upgraded components, and worked on computers running   
   the Windows, Macintosh and Linux operating systems.   
      
   The court documents also sought to delay notifying people whose computers   
   would be accessed in the operation, saying it was imperative to coordinate   
   dismantling Snake so the Russians could not thwart or mitigate it.   
      
   “Were Turla to become aware of Operation Medusa before its successful   
   execution, Turla could use the Snake malware on the subject computers and   
   other Snake-compromised systems around the world to monitor the execution of   
   the operation to learn how the    
   F.B.I. and other governments were able to disable the Snake malware and harden   
   Snake’s defenses,” Special Agent Forry added.   
      
   https://www.nytimes.com/2023/05/09/us/politics/fbi-russia-malware.html   
      
   --- SoupGate-Win32 v1.05   
    * Origin: you cannot sedate... all the things you hate (1:229/2)