U.S. Says It Secretly Removed Malware Worldwide, Pre-empting Russian Cyberattacks

The operation is the latest effort by the Biden administration to thwart actions by Russia by making them public before Moscow can strike.

The United States said on Wednesday that it had secretly removed malware from computer networks around the world in recent weeks, a step to pre-empt Russian cyberattacks and send a message to President Vladimir V. Putin of Russia.

The move, made public by Attorney General Merrick B. Garland, comes as U.S. officials warn that Russia could try to strike American critical infrastructure — including financial firms, pipelines and the electric grid — in response to the crushing sanctions that the United States has imposed on Moscow over the war in Ukraine.

The malware enabled the Russians to create “botnets” — networks of private computers that are infected with malicious software and controlled by the G.R.U., the intelligence arm of the Russian military. But it is unclear what the malware was intended to do, since it could be used for everything from surveillance to destructive attacks.

An American official said on Wednesday that the United States did not want to wait to find out. Armed with secret court orders in the United States and the help of governments around the world, the Justice Department and the F.B.I. disconnected the networks from the G.R.U.’s own controllers.

👏🏻 👏🏻 👏🏻. The Biden administration has turned real or perceived incompetence on its head since the beginning of the year. It has been a transformation. They have not let a thing get by them and are even on manufacturers' backs to get hoppin' on the new generation of COVID vaccines.