11 May, 2023

Malicious Turla Software Disabled by Operation “Medusa”

The U.S. Federal Bureau of Investigation (FBI) has disrupted an intricate Russian espionage network that it has carefully tracked for more than two decades. The Russian spy operation is said to have stolen thousands of sensitive documents from hundreds of computer systems in at least 50 countries. The stolen files are said to belong to many governments, institutions and technology companies.

The malware, known as Turla, has been in operation for ten years, authorities said. Turla is considered the most sophisticated attack reviewed by the security research community¹.

Over the years, Turla has targeted dozens of computers with Snake, malware that comes in different specialized versions, and created a global network of infected computers. Unbeknownst to the victims, Turla used the secret network it had created to remotely access stolen documents through servers.

The operation, codenamed Medusa, provided remote access to the infected computers by order. Once on the computers, a tool called Perseus sent commands that disabled the Snake malware by overwriting its vital components¹.

After the attack, authorities said that combating cyber activity and major attacks of this scale requires hard work to neutralize malware through high-tech operations, innovative use of legal powers, and greater collective cooperation.

Unless blocked, Snake malware remains on an infected computer system indefinitely and often goes undetected by the owner or authorized users of the machine.

For more detailed information about the operation, visit the link:

https://cybernews.com/security/fbi-sabotages-russian-spy-hacking-network/
