Applications of Snake Keylogger in Geopolitics: Abuse of Trusted Java Utilities in Cybercriminal Activities
NetmanageIT OpenCTI - opencti.netmanageit.com
SUMMARY :
A new phishing campaign using Snake Keylogger, a Russian-origin stealer, has been discovered targeting various victims including corporations, governments, and individuals. The campaign uses spear-phishing emails offering petroleum products, with malicious attachments exploiting the legitimate jsadebugd.exe binary through DLL sideloading to load Snake Keylogger. The attackers are leveraging current geopolitical tensions in the Middle East to expand their reach. The malware steals credentials from browsers and applications, collects system information, and exfiltrates data via SMTP. This campaign marks the first observed malicious use of jsadebugd.exe, indicating evolving tactics to evade detection.
OPENCTI LABELS :
keylogger,spear-phishing,credential theft,java,dll sideloading,geopolitical,maas,snake keylogger,petroleum
Open in NetmanageIT OpenCTI Public Instance with below link!
Use public read only username and password on login page.
NOTE : Use Public READ only user credentials on login page banner.
Applications of Snake Keylogger in Geopolitics: Abuse of Trusted Java Utilities in Cybercriminal Activities