Fortinet’s FortiGuard Labs recently caught a phishing campaign in the wild with a malicious Excel document attached to the phishing email. Fortinet researchers performed a deep analysis on the campaign and discovered that it delivers a new variant of Snake Keylogger.
Snake Keylogger (aka “404 Keylogger” or “KrakenKeylogger”) is a subscription-based keylogger with many capabilities. It is a .NET-based software originally sold on a hacker forum. Once executed on a victim’s computer, it has the ability to steal sensitive data, including saved credentials from web browsers and other popular software, the system clipboard, and basic device information. It can also log keystrokes and capture screenshots.
Read more…
Source: Fortinet
Related:
- Senior US Officials Impersonated in Malicious Messaging Campaign
May 15, 2025
FBI is issuing this announcement to warn and provide mitigation tips to the public about an ongoing malicious text and voice messaging campaign. Since April 2025, malicious actors have impersonated senior US officials to target individuals, many of whom are current or former senior US federal or state government officials and their contacts. If you receive ...
- Fashion giant Dior confirms customer data accessed in cyber attack
May 15, 2025
Luxury French fashion brand Dior is the latest high-profile retail firm to be hit by a cyber attack. In a statement, Dior said customer data was accessed as a result, however, no financial information was impacted. The incident comes in the wake of a number of UK retailers, including Marks and Spencer and Co-op, being hit ...
- Coinbase warns of $400m hit after data breach
May 15, 2025
Crypto exchange Coinbase has disclosed a significant cyber attack that could cost the company between $180m (£135m) and $400m (£300m), after hackers breached account data belonging to a “small subset” of its users. The news sent shares down three per cent in pre-market trading on Thursday. Coinbase said it received an email from an unknown threat ...
- Steelmaker Nucor halts some production after cyber security incident
May 14, 2025
Steelmaker Nucor said on Wednesday it had halted certain production at various locations after identifying a cyber security incident that involved unauthorized third-party access to certain information technology systems it used. The Charlotte, North Carolina-based company said it is in the process of restarting the affected operations as it investigates the incident along with external cyber ...
- Fortinet Releases Multiple Security Advisories
May 14, 2025
Fortinet has released security advisories to two critical vulnerabilities. The security advisories address one critical vulnerability in FortiOS, FortiProxy and FortiSwitchManager, and an exploited vulnerability in FortiVoice, FortiMail, FortiNDR, FortiRecorder and FortiCamera. CVE-2025-32756 is a ‘stack-based buffer overflow’ vulnerability with a CVSSv3 score of 9.6. Successful exploitation could allow a remote unauthenticated attacker to execute arbitrary ...
- Cyber crime a big threat to Nigeria’s oil, gas sector
May 14, 2025
Nigeria’s strategic oil and gas industry has been urged to beef up its cyber security and avoid massive potential cost to the economy if current measures fail. According to Check Point’s African Perspectives on Cyber Security Report 2024, Nigeria continues to face one of the highest frequencies of cyber attacks in Africa, with organisations being attacked ...