Snake Keylogger is Back, Targets IT Corporates

Snake Keylogger tracks keystrokes 

Snake Keylogger is back with a new malspam campaign, distributed through phishing emails sent to managers at corporate firms. Bitdefender Antispam Labs found the campaign on 23 August 2022.

A keylogger is a kind of malicious software that records your keystrokes and forwards them to hackers.

Keyloggers can be deployed on your system without your knowledge, generally through a malicious or infected website or an email attachment.

In a few cases, hackers may use a physical keylogger on your computer, such as a malicious USB drive or a customised phone charging cable.

Campaign Details

According to the Bitdefender experts, the IP addresses used in the attack came from Vietnam, while the campaign’s main targets were in the USA, and over 1000 inboxes have received the phishing emails.

Threat actors use the corporate profile of one of Qatar’s leading IT and cloud services providers to lure victims into clicking on a ZIP archive. The archive includes an executable file named “CPMPANY PROFILE.exe.”

According to the Bitdefender blog post, the file installs the malicious Snake Keylogger payload on the victim’s system. The stolen data is exfiltrated through SMTP.

About Snake Keylogger

It is an infamous information- and credential-stealing malware that takes sensitive information from the victim’s device. It has keyboard logging and screenshot capturing capabilities. It is a major threat to organizations due to its surveillance and data stealing capabilities.

Besides this, it can steal info from system keyboards. It is also known as 404 Keylogger. The malware came out in 2020 and can be found on underground forums and message boards for a hundred dollars. It is generally used in financially motivated campaigns, including fraud-based campaigns and identity theft.

How to stay safe?

A Keylogger tracks every keystroke a user makes, allowing hackers to get your passwords, personal information, and financial data. However, you can follow some steps to stay safe. 

According to Bitdefender:

Always verify the origin and validity of correspondence before interacting with links or attachments, and deploy security solutions. Ensure that accounts are protected via two-factor (2FA) or multi-factor (MFA) authentication processes that will prevent cybercriminals from logging into accounts should your system get compromised, and install a security solution on their devices.


Hosted by
News Room
