As we previously reported, the Justice Department announced this week that it had given the FBI permission to run a court-authorized operation to copy and remove malicious web shells from hundreds of vulnerable computers in the United States. These computers were running on-premises versions of Microsoft Exchange Server software that had been exploited by hacking groups through January and February 2021.
The hackers accessed e-mail accounts and placed illegal web shells on citizens' computers. Several of the system owners were able to remove the web shells themselves. Others, however, appeared unable to do so (or were perhaps even unaware of them) and required external help, which is where the FBI needed to intervene.
“Today’s court-authorized removal of the malicious web shells demonstrates the Department’s commitment to disrupt hacking activity using all of our legal tools, not just prosecutions,” Assistant Attorney General John C. Demers for the Justice Department’s National Security Division said in a statement.
“Combined with the private sector’s and other government agencies’ efforts to date, including the release of detection tools and patches, we are together showing the strength that public-private partnership brings to our country’s cybersecurity. There’s no doubt that more work remains to be done, but let there also be no doubt that the Department is committed to playing its integral and necessary role in such efforts.”
The FBI declared its mission a success and took the occasion to issue a warning to potential hackers.
Acting Assistant Director Tonya Ugoretz of the FBI’s Cyber Division said: “Our successful action should serve as a reminder to malicious cyber actors that we will impose risk and consequences for cyber intrusions that threaten the national security and public safety of the American people and our international partners. The FBI will continue to use all tools available to us as the lead domestic law enforcement and intelligence agency to hold malicious cyber actors accountable for their actions.”
No details were given about any hackers being caught.