Turla, Russian Cyberhack, taken out

Discussion in 'Too Hot for Swamp Gas' started by G8trGr8t, May 10, 2023.

  1. G8trGr8t

    Not sure I understand all this, but it appears that the FBI and allies have been fighting a cyberwar with a Russian espionage group that targeted key individuals as weak spots to inject malware into systems that has allowed Russia extensive spying opportunities for decades. Now they have claimed victory.

    If I understand it properly, the FBI or ??? was also authorized to access compromised computers in the US and elsewhere? and revise/replace compromised code

    US, Allies Dismantle 20-Year Russian Malware Spying Operation (msn.com)

    (Bloomberg) -- The US and allied countries have disrupted a wide-ranging Russian hacking operation that spied on its adversaries over some 20 years, the Justice Department announced.

    Law enforcement agencies penetrated a global network of computers infected with malicious software that the US said Russia’s federal intelligence service used to spy on computers in at least 50 countries, including governments belonging to the North Atlantic Treaty Organization, the Justice Department said Tuesday.
    ..................
    The Federal Bureau of Investigation, the National Security Agency, the Cybersecurity and Infrastructure Security Agency, US Cyber Command and six other intelligence and cybersecurity agencies from allied governments issued a joint advisory Tuesday with technical information about the Snake malware to help cybersecurity professionals detect and remediate the malware on their networks.

    The FBI attributed the Snake espionage malware implant to Turla, an elite Russian hacking unit that spends extensive amounts of time profiling victims, often using USB sticks to spread malware, according to cybersecurity company Mandiant, a unit of Google Cloud.
     
  2. G8trGr8t

    Is PERSEUS an AI software?

    FBI corrupted long-standing Russian hacking malware | Washington Examiner

    The Department of Justice announced a completed operation designed to disrupt a sophisticated malware used by Russian operatives for nearly two decades.

    A unit within Center 16 of the Federal Security Service of the Russian Federation has used versions of the “Snake” malware to steal sensitive information from hundreds of computers in at least 50 countries for nearly 20 years. But the FBI’s Operation MEDUSA disabled the Snake malware on compromised computers through the use of an FBI-created tool known as PERSEUS, according to a DOJ press release. PERSEUS issued commands to force the Snake malware to overwrite its own components.

    The FBI and the intelligence community worked with foreign allies to monitor Snake’s exfiltration of data from compromised devices “by routing the transmission of these stolen data through unwitting Snake-compromised computers in the United States,” per the DOJ’s release.

    “For 20 years, the FSB has relied on the Snake malware to conduct cyberespionage against the United States and our allies — that ends today,” Assistant Attorney General Matthew Olsen, of the Justice Department’s National Security Division, said. “The Justice Department will use every weapon in our arsenal to combat Russia’s malicious cyber activity, including neutralizing malware through high-tech operations, making innovative use of legal authorities, and working with international allies and private sector partners to amplify our collective impact.”
     
  3. tampagtr

    That doesn't sound like an FBI capability. Others may be involved.
     
  4. gatorchamps960608

    All our resident Putin fans are sad.
     
  5. G8trGr8t

    @brainstorm or any other techie..
    What do you make of this PERSEUS software?
     
  6. vaxcardinal

    I’m guessing NSA and cyber command were probably involved
     