A new and dangerous keylogger is on the loose – here’s how to stay safe


- Snake Keylogger seen in more than 280 million blocked infection attempts
- The malware uses advanced obfuscation mechanics
- There are ways to defend the endpoints
Cybersecurity researchers from Fortinet have warned about a new, dangerous threat called Snake Keylogger.
This information-stealing piece of malware has been observed in more than 280 million infection attempts blocked just by Fortinet’s solutions, meaning the threat is widespread, and the threat actors are casting quite a wide net.
In its in-depth report, Fortinet says that Snake Keylogger is most prevalent in China, Turkey, Indonesia, Taiwan, and Spain, but added that its widespread presence highlights it as a global threat.
Advanced evasion techniques
The malware is primarily being spread through phishing emails with malicious attachments and links, and is used to steal sensitive information from browsers such as Chrome, Edge, or Firefox. Furthermore, Snake Keylogger can log keystrokes, capture credentials, and monitor for clipboard activity. Finally, it uses SMTP (email) and Telegram bots to exfiltrate whatever information it steals.
What makes this malware particularly dangerous is its use of AutoIT for evasion, Fortinet further explains. By hiding malicious code within compiled AutoIT scripts, the threat actors are making static analysis difficult, and ensure that the executables make it past traditional antivirus detection solutions.
There are ways to mitigate risks, though. Fortinet says that users should be careful with incoming email messages, and should avoid opening unsolicited email attachments, or clicking on unexpected links. Furthermore, users should make sure their antivirus software is up-to-date, and should keep their other software patched up, as well.
Finally, the cybersecurity community should continue working on improving user awareness on topics such as phishing, social engineering, and identity theft.
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Keyloggers and infostealers are dangerous pieces of malware since they grant attackers keys to the kingdom, which can later be used in ransomware attacks, extortion, and more. In this particular case, Fortinet did not say who built the keylogger, or if they usually target a specific industry.
You might also like
Snake Keylogger seen in more than 280 million blocked infection attempts The malware uses advanced obfuscation mechanics There are ways to defend the endpoints Cybersecurity researchers from Fortinet have warned about a new, dangerous threat called Snake Keylogger. This information-stealing piece of malware has been observed in more than 280…
Recent Posts
- Alienware’s 27-inch 280Hz QD-OLED monitor is now available for $550
- The 100+ best Prime Day deals under $100
- My favorite medical comedy-drama Scrubs is getting resuscitated on Hulu, but I hope it doesn’t undergo major surgery as part of its revival
- The best Prime Day deals on Verge-favorite 4K Blu-rays
- Kodak’s retro Super 8 camcorder is outrageously expensively, but I’ve found this super-cheap digital alternative
Archives
- July 2025
- June 2025
- May 2025
- April 2025
- March 2025
- February 2025
- January 2025
- December 2024
- November 2024
- October 2024
- September 2024
- August 2024
- July 2024
- June 2024
- May 2024
- April 2024
- March 2024
- February 2024
- January 2024
- December 2023
- November 2023
- October 2023
- September 2023
- August 2023
- July 2023
- June 2023
- May 2023
- April 2023
- March 2023
- February 2023
- January 2023
- December 2022
- November 2022
- October 2022
- September 2022
- August 2022
- July 2022