CyberSecurity news
FlagThis
@PCWorld
//
A new variant of the Snake Keylogger malware is actively targeting Windows users, with over 280 million infection attempts detected globally. Cybersecurity researchers have identified this version, also known as the 404 Keylogger, as AutoIt/Injector.GTY!tr. The primary targets include users in China, Turkey, Indonesia, Taiwan, and Spain, where the malware spreads through phishing emails containing malicious attachments or links. The keylogger steals credentials from popular web browsers like Chrome, Edge, and Firefox by logging keystrokes, capturing screenshots, and monitoring the clipboard.
The stolen data, including sensitive information and credentials, is then exfiltrated to its command-and-control (C2) server through various methods, including SMTP email and Telegram bots. The malware utilizes AutoIt, a scripting language frequently used for Windows automation, to deliver and execute its malicious payload. By using AutoIt, the malware can create standalone executables that may bypass standard antivirus solutions. Once executed, the keylogger copies itself to the %Local_AppData%\supergroup folder, names itself ageless[.]exe, and sets its attributes to hidden and creates “ageless.vbs” in the %Startup% folder.
ImgSrc: www.pcworld.com
References :
The stolen data, including sensitive information and credentials, is then exfiltrated to its command-and-control (C2) server through various methods, including SMTP email and Telegram bots. The malware utilizes AutoIt, a scripting language frequently used for Windows automation, to deliver and execute its malicious payload. By using AutoIt, the malware can create standalone executables that may bypass standard antivirus solutions. Once executed, the keylogger copies itself to the %Local_AppData%\supergroup folder, names itself ageless[.]exe, and sets its attributes to hidden and creates “ageless.vbs” in the %Startup% folder.
ImgSrc: www.pcworld.com
Share:
References :
- CyberInsider: New Snake Keylogger Variant Launches 280 Million Attacks
- hackread.com: New Snake Keylogger Variant Hits Windows, Steals Data via Telegram Bots
- cyberinsider.com: New Snake Keylogger Variant Launches 280 Million Attacks
- The Register - Software: Snake Keylogger slithers into Windows, evades detection with AutoIt-compiled payload
- Talkback Resources: Snake Keylogger Variant Hits Windows, Steals Data via Telegram Bots [net] [mal]
- The Hacker News: New Snake Keylogger Variant Leverages AutoIt Scripting to Evade Detection
- PCWorld: This high-risk keylogger malware is a growing threat to Windows users
- Talkback Resources: New Snake Keylogger infects Windows using AutoIt freeware [mal]
- www.scworld.com: More advanced Snake Keylogger variant emerges
- Talkback Resources: New Snake Keylogger infects Windows using AutoIt freeware [mal]