A new variant of Snake Keylogger has been detected

2 September 2024 2 minutes Author: Newsman

Fortinet FortiGuard Labs researchers have discovered a new variant of the dangerous Snake Keylogger program, which spreads through phishing campaigns using malicious Excel documents. The new variant has advanced functionality and aims to use vulnerabilities in the victim’s system to steal confidential information.

A new variant of Snake Keylogger, also known as “404 Keylogger” or “KrakenKeylogger”, has been discovered in a phishing campaign that distributes the malware via an Excel document named “swift copy.xls”. This document exploits the remote code execution vulnerability CVE-2017-0199. Once this file is opened, a chain of malicious actions is launched, as a result of which Snake Keylogger is downloaded and installed on the victim’s computer. The core module of this malware is downloaded as a DLL file and performs basic data-stealing functions, such as reading keystrokes, taking screenshots, and stealing stored credentials from web browsers and other applications.

Snake Keylogger first appeared a few years ago and quickly became one of the most dangerous tools in the hands of cybercriminals. It is known for its ability to bypass security systems and steal confidential information from infected computers. It uses phishing campaigns to spread its infection, which means you should be more careful when opening suspicious emails and documents.

The new Snake Keylogger variant shows that cybercriminals are constantly working on improving their attack methods.

Other related articles
News
Read more
Large-scale data leak at broker People Data Labs
Researchers have discovered a data breach at broker People Data Labs (PDL) that includes more than 170 million records of sensitive information. This incident puts the security of personal data of millions of users at risk and highlights the importance of proper information protection.
99
Found an error?
If you find an error, take a screenshot and send it to the bot.