Sami Ruohonen, senior researcher at With Secure, however, does not believe that the program has been dealt a fatal blow.

of the United States blocked Russian malware managed to spy on the world for years, and according to experts, it has been an integral part of Russian cyber intelligence.

United States said on Tuesdaythat it had neutralized Russian malware that had been used by Russia’s FSB security service for spying for 20 years.

According to the United States, the program, known as Snake and Uroburos, was used to spy on at least 50 countries, including NATO countries. The FSB had managed to infiltrate the computer systems of many countries, research institutes and media.

Master Janne Allonen The Finnish Transport and Communications Agency’s Traficom Cyber ​​Security Center tells STT that the Snake malware has not been detected in Finland in connection with the incident brought to light by the United States. According to Allonen, the United States has planned to contact the countries affected by the Snake malware. According to Allonen, there had been no contact even on Wednesday.

According to the US cyber defense agency Cisa, Snake was Russia’s most advanced cyberespionage tool, which was extremely difficult to detect on computers and information networks. It was also easy to update and modify.

“In that sense, these are always a bit more developed and harder to detect when it comes to a state actor. For them, the means are different and the methods and goals differ from individual operator. There is the money, the means, the desire and the willpower,” Allonen comments.

of the United States according to the FSB unit behind the development of the malware. Senior Researcher at With Secure Sami Ruohonen tells STT that, more precisely, it is a group operating under Center 16 of the FSB, which is publicly known as Turla. According to Ruohonen, Turla has been engaged in intelligence activities in the cyber world at least since 2004, and the activities also include cyber attacks.

According to Ruohonen, based on the examinations, a conclusion has been made that Snake is definitely the most advanced malware of the Turla group.

“You don’t see people like this often. This can in no way be compared to, for example, malware created by hobbyists, which can be found on the darknet or can be downloaded from some open source. There is a development team behind this. I’d say they’re top of the line when it comes to hacker groups and what they’re capable of.”

According to Ruohonen, Snake allows the operator to collect information from the victim’s computer, spy on the computer, delete or add files from the computer, close processes or run commands on the victim’s computer or server.

“In other words, to practically spy or guide when necessary,” he sums up.

Ruohonen describes Snake as the backbone of FSB’s cyber intelligence since its introduction, i.e. since 2004, and has also influenced other FSB tools.

“It’s been used against high-profile targets and it’s built into it.”

Ruohonen according to the US federal police, the FBI, together with its international partners, has figured out how to turn off the Snake malware. The FBI and its partners also shut them down worldwide a few days ago, Ruohonen says. The US has also published comprehensive identifiers to detect Snake malware and attacks.

“This is not a fatal blow, but it causes a setback, for example, in that the currently existing operations are at risk, because it is now known how Snake is identified. For FSB’s new operations, we need to think about different tools and possibly develop new ones.”