216.73.216.197

Applications of Snake Keylogger in Geopolitics: Abuse of Trusted Java Utilities in Cybercriminal Activities

· Published 06/07/2025 11:54 · Modified 13/07/2025 09:36

Export JSON

Essential information

Published
06/07/2025 11:54
Modified
13/07/2025 09:36
Tags
2025-07-06 credential-theft dll sideloading geopolitical java keylogger maas petroleum snake keylogger spear-phishing
Related entities
1 intrusion sets (apt), 13 techniques (mitre), 1 malware, 5 others

Description

A new phishing campaign using , a Russian-origin stealer, has been discovered targeting various victims including corporations, governments, and individuals. The campaign uses emails offering products, with malicious attachments exploiting the legitimate jsadebugd.exe binary through to load . The attackers are leveraging current tensions in the Middle East to expand their reach. The malware steals credentials from browsers and applications, collects system information, and exfiltrates data via SMTP. This campaign marks the first observed malicious use of jsadebugd.exe, indicating evolving tactics to evade detection.

External references