Fortinet's FortiGuard Labs reports that a new variant of the Snake Keylogger malware extensively targets Windows users across China, Turkey, Indonesia, Taiwan, and Spain. This variant has been linked to more than 280 million blocked infection attempts globally this year, typically spread through phishing emails. The malware captures sensitive information from major web browsers and uses infrastructure like SMTP and Telegram for data exfiltration. A key feature of this variant is its use of AutoIt scripting, which enables it to bypass traditional security measures and maintain a persistent presence on infected systems.
Typical delivery methods for Snake Keylogger include phishing emails with malicious links that steal sensitive information by logging keystrokes and monitoring the clipboard.
The malware leverages AutoIt scripting language to evade detection, complicating analysis by embedding the executable within a compiled script to mimic benign tools.
Collection
[
|
...
]