The United States announces the dismantling of Snake, a formidable spyware


Game over for Snake? The United States announced on Tuesday the neutralization of a formidable piece of Russian spyware nicknamed Snake. US prosecutors estimate that this malware was used for twenty years to steal confidential documents in about fifty countries “of interest to the Russian Federation”.

The malware is thus said to have made it possible to spy on the United States and its allies, including members of the NATO military alliance, by targeting diplomatic communications, companies and even journalists. France is not mentioned by name as one of the targets of the malware. Although ANSSI, when contacted, told Zdnet.fr that it had no information to share, it nevertheless seems likely that France could also have been targeted.

The malware turned against its developers

The spyware was neutralized following an American operation carried out with Australia, Canada, New Zealand and the United Kingdom. Using a tool created by the Federal Bureau of Investigation (FBI), Perseus, US law enforcement authorities hacked into Snake’s infrastructure, a peer-to-peer computer network.

According to CISA, the American cybersecurity agency, this network of compromised computers hosted the relay points that allowed discreet communication between the operators of the malware and their targets. Once in control of the network, the FBI issued the command to remotely turn off the implants installed on the targets. “A high-tech operation that turned” the malware against its developers, said Lisa Monaco, the United States Deputy Attorney General, welcoming the result.

Sophisticated malware

According to US justice officials, this spyware was the “most sophisticated” malware developed by the FSB. It was originally developed as Uroburos in late 2003, with the first versions completed a year later. Written in the C programming language, Snake could be installed on most operating systems, from Windows to macOS to Linux.

Snake was reportedly operated by FSB agents assigned to Ryazan, about 200 km southeast of Moscow. According to the FBI, this stealthy malware could persist “indefinitely” on compromised systems. Once installed on a target system, it allowed the remote deployment of other malicious tools for spying purposes, such as a keylogger.

It is therefore recommended to update computers that might have been infected. The latest versions of the targeted operating systems apparently make it more difficult to control the malware. It is then recommended to change the various passwords used, to avoid eavesdropping.


