Cybercrime, SnakeKeylogger passes by invoices in Turkey

28 February 2023
Francesco Bussoletti
Defence and Security, Restricted Area

SnakeKeylogger passes by invoices in Turkey. The “854F1E97-5DBB-4A87-A566-33D9012B05E2pdf.lzh” attachment of the “MEPAS E-Arsiv Fatura” email contains an exe: the malware. Stolen data is exfiltrated via Telegram API

New invoice themed SnakeKeylogger campaign from Turkey.

The “854F1E97-5DBB-4A87-A566-33D9012B05E2pdf.lzh” attachment of the “MEPAS E-Arsiv Fatura” email contains an exe file: the malware. The stolen data is then exfiltrated via Telegram API.

Indeed, SnakeKeylogger is an info-stealer capable of acquiring information through various methods.

Facebook
Twitter
LinkedIn
WhatsApp
Telegram
Facebook Messenger

SnakeKeylogger passes by invoices in Turkey. The “854F1E97-5DBB-4A87-A566-33D9012B05E2pdf.lzh” attachment of the “MEPAS E-Arsiv Fatura” email contains an exe: the malware. Stolen data is exfiltrated via Telegram API

Francesco Bussoletti

Related Posts