Blog

Jul 17, 2022

The most dangerous keylogger malware of 2022: Snake Keylogger

Posted by in categories: cybercrime/malcode, encryption, finance

Check Point Research, the Threat Intelligence division of the company, a leading global cybersecurity specialist provider, has released its Global Threat Index for the month of June 2022. Researchers have found that Emotet continues to be the number one malware and has also increased its global incidence by around 6%. Continuing with its climb of the last month, Snake Keylogger sneaks into the top three positions, taking the Formbook position, both still far from Emotet.

Emotet, has affected 14% of organizations around the world in June, an increase that is almost double compared to the previous month. This malware is highly profitable thanks to its ability to go unnoticed. Its persistence also makes it difficult to remove once a device is infected, making it the perfect tool in a cybercriminal’s arsenal. Conceived as a banking Trojan, it is often distributed via phishing emails and has the ability to embed other malware, increasing its ability to cause widespread damage.

There are other malwares that have increased their presence such as Raspaberry Robin, GuLoader and Wacatac. The first one was discovered a few months ago (September 2021) and is distributed via infected USB drives, uses various legitimate Windows functionalities to communicate with its C&C servers and execute malicious payloads. GuLoader first appeared in December 2019 and was used to download Parallax RAT, but has been applied to other remote access Trojans such as Netwire, FormBook, and Agent Tesla. Lastly, Wacatac is a Trojan threat that locks files but does not encrypt them like typical ransomware. When Wactac infiltrates a user’s system, it changes the names of the target files by appending a “”.wctw” extension. The lack of data encryption capability makes this threat reversible. Wactac is normally spread using spam email campaigns and rogue software.

Comments are closed.