• Tue. Oct 10th, 2023

FBI Operation: NATO-Bothering Russian Military Hacking Infrastructure is Eliminated by Medusa

Avatar photo

ByEsme Greene

Jul 8, 2023
Medusa neutralizes FBI's Russian hacks
Esme Greene
Latest posts by Esme Greene (see all)

According to the US Justice Department, Turla, a cyberspy organization funded by the FSB, has utilized variants of the Snake virus to steal information from dozens of computer systems that belong to authorities, journalists, and other potential targets in at least 50 nations. 

Turla stole sensitive information from victims’ devices, identified them, and then secretly transferred them over a network of unaware US PCs that had been infected by Snake.

As a result, Snake may infect Windows, Linux, and macOS devices, then utilize those network nodes to transmit victimized data to the malware threat’s Russian intelligence operators. 

Restoring Infected Systems

The Feds acquired a warrant for remote access to eight US machines that Snake had infected in order to rewrite and delete the malware present there as part of the so-called Operation Medusa, which was unveiled today.

“Through a high-tech operation that turned Russian malware against itself, US law enforcement has neutralized one of Russia’s most sophisticated cyber-espionage tools, used for two decades to advance Russia’s authoritarian objectives,” stated Deputy Attorney General Lisa Monaco in a press release.  

The FBI allegedly monitored the behavior of the virus on infected computers in America with the owners’ consent, according to court records. Agents were able to examine the source code and create a method for deceiving another machine on the network into talking with them by mimicking Snake’s session authentication mechanism.

The harmful infection is made to self-destruct by overwriting essential code components, and the host computer and any legitimate programs are unaffected. The FBI chose the name Perseus for this tool, which after establishing communication sessions with the Snake virus on a device, provides orders that do so.

Uncle Sam and allies have recently launched a number of high-profile measures to combat cybercrime, the most recent of which being Operation Medusa. The DOJ reported yesterday that 13 internet sites marketing distributed denial-of-service assaults had been confiscated. 

Additionally, 288 individuals were detained earlier this month by US and European law enforcement for allegedly selling opioids on the since-closed Monopoly Market dark web drug bazaar. 

Avatar photo

Esme Greene

Esme brings a wealth of knowledge and experience to our website, specializing in all aspects of DarkWeb security. With a deep understanding of the intricate workings of the DarkWeb and its associated cybersecurity risks, Esme curates insightful and informative content for our readers.