skip to Main Content

Cybercrime, Snake can steal credentials from over 50 applications

Cybereason: Snake can steal credentials from over 50 applications. The malware, an info-stealer, is available for purchase in the underground for a price range between US $25 and $500

Snake is currently available for purchase in the underground scene for a price range between US $25 and $500. Cybercrime actors have been distributing the malware continuously through phishing campaigns since November 2020. It has been revealed by Cybereason cybersecurity experts. It is an information-stealer created in the .NET programming language. The attachments are typically archive files with file name extensions such as img, zip, tar, and rar, and store a .NET executable that implements Snake. Users have to first decompress and then start the executable to infect their systems. It can steal credentials from over 50 applications, which include FTP clients, mail clients, communication platforms, and web browsers. Finally, the malware supports data exfiltration through a variety of protocols, such as FTP, SMTP, and Telegram.

Back To Top