Announcementseverity: High2023-05-09

DOJ disrupts Snake malware network (Operation MEDUSA)

published by U.S. Department of Justice

Actor

TurlaRU · RussiaAPT

Russian state-sponsored actor publicly attributed to FSB Center 16. One of the longest-running espionage sets on record, known for the Snake (Uroburos) implant — a sophisticated peer-to-peer covert c…

Summary

The U.S. Department of Justice announced a court-authorized operation that disrupted the Snake malware peer-to-peer network operated by FSB Center 16 (Turla). The operation used a tool called PERSEUS to issue commands that caused Snake implants on compromised computers worldwide to overwrite themselves.

Primary source

justice.gov

Other Turla events

2023-05-09Joint advisory AA23-129A: Hunting Russian Intelligence Snake Malware

Summary

Tags

Primary source

Other Turla events