Cybersecurity researchers at Fortinet are sounding the alarm over a sudden rise in Snake keylogger malware attacks, which currently pose a massive risk to businesses and individuals using Microsoft Windows.
According to Fortinet, a leading cybersecurity company in the United States, the latest version of the Snake keylogger (also known as 404 Keylogger) has been responsible for over 280 million attack attempts since the beginning of 2025!
This malware has been detected executing up to 14 million infection attempts per day, making it one of the worst cyber threats of the year so far.
How the Snake Keylogger Works
The Snake keylogger is designed to quietly monitor and record keystrokes made by users on infected devices, allowing the cybercriminals to easily gather sensitive information such as passwords, financial details, and personal data.
The stolen information is then sent back to the attackers through various channels, such as SMTP email servers, Telegram bots, and HTTP POST requests.
This malware is particularly dangerous because it goes well beyond simple keystroke logging.
It can also access browser autofill data and steal personally identifiable information and even geolocation details.
Cybersecurity experts have warned that both individuals and businesses are at high risk of being exploited, with the potential consequences ranging from unauthorised financial transactions to identity theft and corporate data breaches.
Designed to Evade Detection
The Snake keylogger is built using AutoIt, a Windows-based automation scripting language, which makes it especially effective against Windows systems.
Once installed, it neatly embeds itself into the system’s Startup folder, allowing it to begin its data theft every time the device is started. Unlike many other malware strains, it does not require administrative privileges to run, making it even more insidious and effective for the attacker.
Security experts have specifically highlighted that the latest version of the Snake keylogger uses advanced obfuscation techniques (techniques designed to hide an attack), disguising its malicious code within legitimate system processes.
This makes it that much harder for antivirus software to detect and remove the malware before it causes damage.
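Because the Startup folder persistence described above works without administrative rights, the per-user Startup folder is worth auditing directly. The PowerShell triage script below is an added example, not code from Fortinet or this article; the extension list, the 30-day window and the profile-path check are assumptions chosen for illustration.

```powershell
# Added example: triage Startup folder entries (the persistence location named above).
# Assumptions: extension list, 30-day window and profile-path check are illustrative.
$startupDirs = @(
    [Environment]::GetFolderPath('Startup'),        # per-user: writable without admin rights
    [Environment]::GetFolderPath('CommonStartup')   # all users
)
$scriptExts   = '.vbs', '.vbe', '.js', '.jse', '.wsf', '.bat', '.cmd', '.ps1', '.hta'
$userWritable = @($env:LOCALAPPDATA, $env:APPDATA) | Where-Object { $_ }
$cutoff       = (Get-Date).AddDays(-30)
$shell        = New-Object -ComObject WScript.Shell

$findings = foreach ($dir in $startupDirs) {
    if (-not $dir -or -not (Test-Path -LiteralPath $dir)) { continue }
    Get-ChildItem -LiteralPath $dir -File -Force |
        Where-Object { $_.Name -ne 'desktop.ini' } |
        ForEach-Object {
            # Resolve shortcuts so the real launch target is inspected.
            $isLnk  = $_.Extension -eq '.lnk'
            $target = $_.FullName
            if ($isLnk) { $target = $shell.CreateShortcut($_.FullName).TargetPath }

            $reasons = @()
            if ($scriptExts -contains $_.Extension) { $reasons += 'script file' }
            if ($_.CreationTime -gt $cutoff) { $reasons += 'recently created' }
            foreach ($root in $userWritable) {
                if ($isLnk -and $target -and
                    $target.StartsWith($root, [StringComparison]::OrdinalIgnoreCase)) {
                    $reasons += 'shortcut target in user profile'; break
                }
            }
            # Check the Authenticode signature of whatever will actually run at logon.
            $sig = 'n/a'
            if ($target -and (Test-Path -LiteralPath $target -PathType Leaf)) {
                $sig = (Get-AuthenticodeSignature -LiteralPath $target).Status
                if ($sig -ne 'Valid') { $reasons += 'not validly signed' }
            } else { $reasons += 'target missing' }

            [pscustomobject]@{
                Entry = $_.FullName; Target = $target; Created = $_.CreationTime
                Signature = $sig; Reasons = $reasons -join '; '
            }
        }
}
$findings | Where-Object Reasons | Sort-Object Created -Descending | Format-List
```

Flagged entries are leads for review rather than verdicts, since some legitimate applications also install under the user profile and start from these folders.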
The Growing Threat of Phishing Attacks
Like many other forms of malware, the Snake keylogger primarily spreads through phishing attacks.
Cybercriminals trick unsuspecting users into downloading malicious attachments or clicking on harmful links in emails that appear legitimate.
Phishing scams are becoming more and more difficult to identify, with attackers convincingly impersonating reputable organisations and using persuasive language to convince recipients to interact with their phishing messages.
How UK Businesses Can Protect Themselves
Given the scale and sophistication of this malware, UK business owners using Microsoft products should take immediate action to check and improve their cybersecurity measures. To reduce the risk of infection, experts recommend that you take the following steps:
- Educate your employees by conducting regular cybersecurity training to help staff recognise phishing attempts and avoid clicking on suspicious links or attachments.
- Enhance your email security by using advanced email filtering solutions to identify and block phishing emails before they reach inboxes.
- Keep software updated by ensuring that all operating systems, software, and antivirus applications are regularly updated to patch vulnerabilities that malware could exploit.
- Use strong authentication, including multi-factor authentication (MFA), to add an extra layer of security to accounts and sensitive systems.
- Monitor all of your network activity by using detection systems to identify and respond to suspicious activity before it escalates into a security breach.
For those concerned about their cybersecurity setup, consulting with IT security professionals, like 24/7 IT Services, is the best course of action. We provide our clients with expert IT security solutions, managed IT support, and more. Contact us today to book a consultation.