US Busts Longstanding And Far-Reaching Russian Cyber Operation

Tyler Cross

The Snake implant, the most sophisticated cyberespionage tool used by Center 16 of the Russian Federal Security Service (FSB), was finally defeated by the US government after a decade-long investigation.

Snake is one of the oldest cyberespionage tools around, originating 20 years ago under the name Uroburos. Its developers' early habits came back to bite them, however. Early on, the Uroburos group would leave taunting and self-incriminating strings in their stealth-based software. Jabs like “Ur0bUr()sGoTyOu#” have left small breadcrumbs over time for investigators to follow.

Since then, however, the Snake campaign has seen consistent updates, changes, and adaptations to modern technology in order to stay evasive. For example, its custom communication protocols are all encrypted and fragmented, so they’re nearly impossible to detect. The operators also routed stolen data from other countries through compromised US computers, but the operation itself was based at an FSB facility in Ryazan, Russia.

The Snake infrastructure has appeared in over 50 countries and was used to target and collect sensitive information from government networks, research facilities, and journalists worldwide.

“Within the United States, the FSB has victimized industries including education, small businesses, and media organizations, as well as critical infrastructure sectors including government facilities, financial services, critical manufacturing, and communications,” explains the Cybersecurity and Infrastructure Security Agency (CISA), which published a report outlining all of the findings of the investigation.

“For 20 years, the FSB has relied on the Snake malware to conduct cyberespionage against the United States and our allies — that ends today,” said Assistant Attorney General Matthew Olsen.

The US has retaliated by creating the Perseus tool, software that causes the Snake malware to self-destruct whenever it’s run. It has so effectively defeated known strains of the implant that federal officials are confident the FSB will not be able to reconstitute the Snake implant again.

This sweeping victory comes as the government is making accelerated efforts to combat sharp increases in cybercrime.

About the Author

Tyler is a writer at SafetyDetectives with a passion for researching all things tech and cybersecurity. Prior to joining the SafetyDetectives team, he worked with cybersecurity products hands-on for more than five years, including password managers, antiviruses, and VPNs, and learned everything about their use cases and function. When he isn't working as a "SafetyDetective", he enjoys studying history, researching investment opportunities, writing novels, and playing Dungeons and Dragons with friends.