Serpent Trojan Targets French Users and Institutions

trojan horse

The Serpent Backdoor Trojan is a piece of malware, which was recently observed attacking companies and institutions based in France. The criminals were approaching their victims through phishing emails, which were crafted to look as if they were sent by someone who wants to apply for an open job position. Naturally, such messages contain some sort of document attached, like a CV. However, the spam messages did not deliver a safe document – instead, they deliver a macro-laced Microsoft Word file that can deploy the Serpent Backdoor Trojan.

The malicious macro executes an encoded PowerShell script, which fetches the Serpent Backdoor Trojan payload and runs it in the background. The primary goal of the Trojan is to grant its operators remote access to the infected system, as well as to spread laterally across the network. The best way to counter such attacks is to use reputable antivirus and firewall software, as well as to instruct employees to be extra careful when reviewing random, unexpected email attachments.

A separate spam campaign delivering the Serpent Backdoor Trojan relies on steganography. This means that the hackers had managed to modify images in order to inject malicious code into them, that could then be decoded and executed by a script accompanying the image file. It appears that the primary focus of the Trojan is to grant the criminals remote control over the infected system. Once they have control, they use the elevated permissions to hijack information, plant additional malware, or to spy on victims. We suspect that cyber espionage and data theft could be the primary goals of the gang behind the Serpent Backdoor Trojan

March 22, 2022
Loading...

Cyclonis Backup Details & Terms

The Free Basic Cyclonis Backup plan gives you 2 GB of cloud storage space with full functionality! No credit card required. Need more storage space? Purchase a larger Cyclonis Backup plan today! To learn more about our policies and pricing, see Terms of Service, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.

Cyclonis Password Manager Details & Terms

FREE Trial: 30-Day One-Time Offer! No credit card required for Free Trial. Full functionality for the length of the Free Trial. (Full functionality after Free Trial requires subscription purchase.) To learn more about our policies and pricing, see EULA, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.