Info Stealer

Snake Keylogger

First seen: 2020 • Status: active

Currently Active Threat

Snake Keylogger is a spy program that records everything you type and sends it to criminals through email or Telegram.

Overview

Snake Keylogger is a .NET information stealer that exfiltrates data via SMTP, FTP, and Telegram. It features credential theft, keylogging, and screenshot capabilities.

Also Known As

404 Keylogger, Snake

How It Spreads

  • Phishing emails
  • Office macros
  • PDF attachments

What It Does

  • Keylogging
  • Credential theft
  • Screenshot capture
  • Clipboard hijacking
  • WiFi password theft

Is your business exposed?

Target Platforms

Windows

Detection Tips

  • Monitor for SMTP/FTP exfiltration
  • Check for Telegram API usage
  • Analyze .NET assembly behavior
  • Review startup persistence

MITRE ATT&CK Techniques

T1056, T1555, T1113, T1115, T1071

If You're Infected

  1. 1.

    Remove Snake Keylogger

  2. 2.

    Change all passwords

  3. 3.

    Reset WiFi passwords

  4. 4.

    Review email for sent credentials

Related Malware

Agenttesla, Formbook, Hawkeye

Is your business exposed?

Check if your company data is circulating on the dark web

Free scan • No credit card required

Privacy PolicyYour Privacy Choices