U.S. Justice Department and Foreign Governments Disrupt Russian Malware


Friday, May 19, 2023
Bruce Zagaris

On May 9, 2023, the United States Department of Justice announced the completion of a court-authorized operation, code-named MEDUSA, to disrupt a global peer-to-peer network of computers compromised by sophisticated malware, named “Snake”, that is attributed to a unit within Center 16 of the Federal Security Service of the Russian Federation (FSB). For approximately twenty years, this unit, called “Turla” in court documents, has deployed versions of the Snake malware to steal sensitive documents from hundreds of computer systems in at least 50 countries, belonging to North Atlantic Treaty Organization (NATO) member governments, journalists, and other targets of interest to the Russian Federation. After it stole these documents, Turla exfiltrated them through a covert network of unwitting Snake-compromised computers in the U.S. and worldwide.[1]

[1] U.S. Department of Justice, Justice Department Announces Court-Authorized Disruption of Snake Malware Network Controlled by Russia’s Federal Security Service, Press Rel. 23-350, May 9, 2023.