Regarding Operation Medusa:
Key takeaways:
It was not an FBI-only operation. It was a Five Eyes operation. The FBI did not take down the entire 'Snake Network'; they merely led the US side.
Center 16 of the FSB is claimed to be behind the malware and attacks.
In 2014, after public researchers had identified the malware, Center 16 renamed the string 'Ur0bUr()sGo#' to 'gLASs D1ick' within the malware, probably to give a middle finger to the researchers investigating it. The malware is said to have the developers' monikers embedded within it.
The malware was also used to target journalists and dissidents. A US journalist covering Russian affairs was targeted, as one example.
The malware modified TCP and HTTP packets for command-and-control communication and exfiltration. The FBI imitated these modifications with its own tool, 'Perseus', in order to identify infected machines and disable the implant on them.
The FBI argued they did not have the resources (manpower with the necessary expertise) to physically disable the malware on each machine, so they requested (and were granted) remote search warrants.
#Russia #US #5Eyes #FBI #Malware #CyberSecurity