
Malicious actors distribute the Snake malware as attachments in phishing emails. In this report, we show that in addition to the information-stealing features of Snake, the staging mechanism of Snake samples is almost identical to that of two common information-stealing malware programs, FormBook and Agent Tesla.
Although the source code of Matiex has been available for purchase in the underground scene since February 2021, the information-stealing features of Snake samples that date earlier than February 2021 have code that is very similar to Matiex code. Researchers have identified many similarities between the code of the information-stealing features of Snake and the code of the Matiex malware.

Snake supports data exfiltration through a variety of protocols, such as FTP, SMTP, and Telegram. We observed that Snake can steal credentials from over 50 applications, which include FTP clients, mail clients, communication platforms, and web browsers. Snake has keystroke logging as well as clipboard data, screenshot, and credential theft capabilities. Snake is a feature-rich malware and poses a significant threat to users’ privacy and security.

The Cybereason GSOC observed a spike in infections using the Snake malware in late August 2021 with no specific trend in the industry or the geographical locations of the targeted victims. Malicious actors have been distributing Snake continuously through phishing campaigns since November 2020. The malware is currently available for purchase in the underground scene for a price range between US $25 and $500. Snake first appeared on the threat landscape in late November 2020.

The data that the Snake malware exfiltrates contains the malware’s name. The executable stages the information-stealing features of the Snake malware on compromised systems and establishes persistence. Users have to first decompress and then start the .NET executable that implements the Snake malware.
The attachments are typically archive files with file name extensions such as img, zip, tar, and rar, and store a. Malicious actors distribute Snake as attachments to phishing emails with various themes, such as payment requests. We suspect that the malware authors themselves named the malware Snake, since the malware’s name is present in the data that Snake exfiltrates from compromised systems.

The Snake malware is an information-stealing malware that is implemented in the. In addition, the report provides attribution information when possible as well as recommendations for mitigating and isolating the threat. The report provides an in-depth overview of the incident, which helps to scope the extent of compromise and the impact on the customer’s environment. The Cybereason GSOC MDR Team issues a comprehensive report to customers when such an incident occurs. Cybereason Managed Detection and Response (MDR): The Cybereason GSOC has zero tolerance towards attacks that involve information-stealing malware, such as Snake, and categorizes such attacks as critical, high-severity incidents. Detected and prevented: The Cybereason Defense Platform effectively detects and prevents the Snake malware.

No industry or geographical preferences: Snake has been present in the threat landscape since November 2020 and has been a constant threat to users’ privacy and security since then. Snake can exfiltrate stolen data through a variety of protocols, such as FTP, Simple Mail Transfer Protocol (SMTP), and Telegram. Snake can steal credentials from over 50 applications, which include File Transfer Protocol (FTP) clients, email clients, communication platforms, and web browsers. Serious threat to privacy and security: Snake is a feature-rich information-stealing malware.

This report provides an overview of key information-stealing features of the Snake malware and discusses similarities that we discovered in the staging mechanisms of samples from Snake and two common information-stealing malware programs, FormBook and Agent Tesla. In this Threat Analysis report, the GSOC investigates Snake, a feature-rich information-stealing malware. The Threat Analysis reports investigate these threats and provide practical recommendations for protecting against them. The Cybereason Global Security Operations Center (GSOC) issues Cybereason Threat Analysis reports to inform on impacting threats.
