‘Game-Changing’ Snake Malware Used in Espionage on Ukraine
Dozens of computer networks in Ukraine have been infected by the Snake the cyber-espionage “tool kit,” according to The New York Times. The malware is similar to another piece of malware that infected the Pentagon’s classified systems several years ago.
The espionage malware has appeared many times in Ukraine this year in the context of the Ukrainian conflict, according to a BAE Systems report that called the malware “game-changing.”
“What this research once more demonstrates, is how organised and well-funded adversaries are using highly sophisticated tools and techniques to target legitimate organisations on a massive scale,” BAE Systems Managing Director Martin Sutherland said. “Although there has been some awareness of the Snake malware for some years, until now the full scale of its capabilities could not be revealed, and the threat it presents is clearly something that needs to be taken much more seriously.”
The Snake malware, also known as “Ouroboros” after the serpent from Greek mythology, allows the attackers full remote access to infected systems. The attacks were well aimed at classified data from government agencies.
BAE said circumstantial evidence indicates the attack originated from Russia – the developers worked in the Moscow time zone and Russian text was found in the code.
The malware is just one of many that Ukraine is fighting daily and it’s unclear if its use was state-sponsored, as US intelligence officials said.
The frequency of detection has been high in 2014, as the malware appeared 14 times in Ukraine, compared to eight times worldwide in 2013. Since 2010 there have been reported 56 cases world-wide, while 32 of them were in Ukraine.
Snake malware is another piece in the Ukraine-Russia conflict while the Anonymous group warned to raise the cyber-war to another level with OpRussia campaign.