IT Brief New Zealand - Technology news for CIOs & IT decision-makers
New Zealand
Guides
#
artificial intelligence
#
digital transformation
#
disaster recovery
#
internet of things
#
work from home
Search
Story image
#
Cybersecurity
#
Malware
#
Bitdefender
Snake Keylogger credential stealer slithers back on the radar of ANZ businesses
Tue, 13th Sep 2022
FYI, this story is more than a year old
By Alina Bizga, Security Analyst, Bitdefender
Follow us

Snake Keylogger – a .NET keylogger and credential stealer whose main function is to record users’ keystrokes on computers or mobile devices and transmit data to threat actors – has re-emerged on the threat landscape with a brand new malspam campaign targeting IT decision-makers.

Bitdefender Antispam Labs first detected the new campaign on August 23, targeting primarily US recipients, but given Snake is known to leverage Microsoft Office documents widely used in Australia and New Zealand, the region’s IT and security teams should be cautious.

Our telemetry shows the trojan – which originated from IP addresses in Vietnam – has already reached thousands of inboxes. Threat actors have been observed leveraging the corporate portfolio of a legitimate Qatari-based cloud storage and security solutions provider to trick potential victims into opening a malicious ZIP archive.

Snake Keylogger (also referred to as 404 Keylogger) operates as an info stealer exfiltrating sensitive information from infected systems. It has keyboard logging and screenshot capabilities coupled with the ability to extract data straight from systems’ clipboards.

The infamous trojan was born in late 2020 and has been spotted on message boards and underground marketplaces for just a few hundred dollars or less, depending on the level of service the client requires. Snake infections are typically financially motivated, with individuals potentially facing identity theft and fraud, among other crimes.

Further, the credential-stealing malware also poses a high security risk for businesses due to its data-harvesting and spy tool capabilities that could allow threat actors to gain access to high-level accounts and deploy even more crippling attacks.

Microsoft Word and Excel, as well as PDFs, have been common targets for Snake, making for highly efficient social engineering tactics. Cybercriminals running Snake campaigns can potentially make victims susceptible to major security and privacy threats, including holding data for ransom and exfiltrating financial data.

Avoiding a Snake bite

There are some key tools for organisations and people in ANZ to protect themselves from Snake and other keylogger attacks.

Always verify the origin and validity of correspondence before clicking links or opening / downloading attachments. Accounts should be protected via two-factor (2FA) or multi-factor (MFA) authentication.

These steps should prevent threat actors from logging into accounts in the event that systems become compromised.

Bitdefender has also already taken steps to protect business and consumer customers from Snake. The malspam campaign is detected by our antispam technology, and any attachments are automatically detected and blocked.

Related stories
Unearthing mining's data and AI potential: Why It's overlooked and how to start
Illumio unveils AI enhancements for faster Zero Trust Segmentation adoption
Half of online traffic in 2024 generated by bots, report finds
Keeper Security launches user-friendly passphrase generator
Axis unveils hybrid cloud platform for adaptable security solutions
Top stories
Intel reshuffles Asia Pacific leadership to boost business growth
Coalition integrates cyber risk platform with top cloud services providers
Sapia Labs presents 'revolutionary' AI research at SIOP conference
Armis warns of major cyber-attack risk to 2024 global elections
Scality & Ingram Micro partner for market distribution of ARTESCA