Malicious Software Used by Russian Spies Sabotaged by FBI

Share

The FBI has sabotaged a suite of malicious software used by elite Russian spies, US authorities said on Tuesday, providing a glimpse of the digital tug-of-war between two cyber superpowers.

Senior law enforcement officials said FBI technical experts had identified and disabled malware wielded by Russia’s FSB security service against an undisclosed number of American computers, a move they hoped would deal a death blow to one of Russia’s leading cyber spying programs.

“We assess this as being their premier espionage tool,” one of the US officials told journalists ahead of the release. He said Washington hoped the operation would “eradicate it from the virtual battlefield.”

The official said the FSB spies behind the malware, known as Snake, are part of a notorious hacking group tracked by the private sector and known as “Turla.”

The group has been active for two decades against a variety of NATO-aligned targets, US government agencies and technology companies, a senior FBI official said.

Russian diplomats did not immediately return a message seeking comment. Moscow routinely denies carrying out cyberespionage operations.

US officials spoke to journalists on Tuesday ahead of the news release on condition that they not be named. Similar announcements, revealing the FSB cyber disruption effort, were made by security agencies in the UK, Canada, Australia and New Zealand.

Turla is widely considered one of the most sophisticated hacking teams studied by the security research community.

“They have persisted in the shadows by focusing on stealth and operational security,” said John Hultquist, vice president of threat analysis at US cybersecurity company Mandiant. “They are one of the hardest targets we have.”

© Thomson Reuters 2023


Affiliate links may be automatically generated – see our ethics statement for details.