SNAKE ransomware looks to encrypt an entire business network

News
By
published

New enterprise targeting ransomware encrypts all of the computers on a company's network

(Image credit: Future)

A new ransomware family has been discovered that is being used to target and encrypt all of the devices on business networks.

The SNAKE ransomware is the latest example of enterprise targeting ransomware which is used by cybercriminals to infiltrate business networks, gather administrative credentials and encrypt the files of every computer on a network using post-exploitation tools.

Other notable enterprise targeting ransomware families include Ryuk, BitPaymer, DoppelPaymer, Sodinokibi, Maze, MegaCortex and Locker Goga.

SNAKE ransomware

The SNAKE ransomware was first discovered by the MalwareHunterTeam which then shared it with the ethical hacker Vitali Kremez in order to reverse engineer it. Kremez's analysis of the ransomware revealed that it is written in Golang and contains a higher level of obfuscation than is typical with these kinds of infections.

Once the SNAKE ransomware enters a business' network, it removes the Shadow Volume Copies stored on computers and then kills a number of processes related to SCADA systems, virtual machines, industrial control systems, remote management tools, network management software and more. The ransomware then encrypts the files on each device while skipping any files located in Windows system folders and other system files.

The SNAKE ransomware adds a random five character string to the file extension of each file it encrypts and it also changes the 'EKANS' file marker (EKANS is SNAKE in reverse) of every encrypted file.

Once a computer's files have been encrypted, the program creates a ransom note on a user's desktop named Fix-Your-Files.txt. The note itself contains an email address to contact the cybercriminals who will provide a decryption tool loaded with a private key created specifically for the user's network for a fee.

The SNAKE ransomware poses a major threat to corporate networks because it encrypts files on all of the computers on the network as opposed to just those on a single machine.

Via BleepingComputer

Anthony Spadafora
Anthony Spadafora

After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home. 

Latest in Security
Woman shocked by online scam, holding her credit card outside
Cybercriminals used vendor backdoor to steal almost $600,000 of Taylor Swift tickets
Woman using iMessage on iPhone
UK government guidelines remove encryption advice following Apple backdoor spat
Cryptocurrencies
Ransomware’s favorite Russian crypto exchange seized by law enforcement
Wordpress brand logo on computer screen. Man typing on the keyboard.
Thousands of WordPress sites targeted with malicious plugin backdoor attacks
HTTPS in a browser address bar
Malicious "polymorphic" Chrome extensions can mimic other tools to trick victims
ransomware avast
Hackers spotted using unsecured webcam to launch cyberattack
Latest in News
A collage of Ellie and Joel in The Last of Us season 2
The Last of Us season 2's new trailer teases a huge showdown between Bella Ramsey's Ellie and Pedro Pascal's Joel, but the big moment I'm waiting for is still being held back
Apple iPhone 16 Pro Max REVIEW
New iPhone 17 Air leak may have revealed some key specs – and how it compares to the iPhone 17 Pro Max
Gaming with AI
I asked Gemini to play a text-based adventure game with me and the AI whisked me away to a word-based fantasy
Apple iPhone 16 Review
Three iPhone 17 model dummy units appear in a hands-on video leak
The Samsung Galaxy S25 Edge on display the January 22, 2025 Galaxy Unpacked event.
New Samsung Galaxy S25 Edge may have revealed some key details – including its price
Quordle on a smartphone held in a hand
Quordle hints and answers for Monday, March 10 (game #1141)
More about security
Woman shocked by online scam, holding her credit card outside

Cybercriminals used vendor backdoor to steal almost $600,000 of Taylor Swift tickets
Cryptocurrencies

Ransomware’s favorite Russian crypto exchange seized by law enforcement
Gaming with AI

I asked Gemini to play a text-based adventure game with me and the AI whisked me away to a word-based fantasy
See more latest
Most Popular
Gaming with AI
I asked Gemini to play a text-based adventure game with me and the AI whisked me away to a word-based fantasy
A collage of Ellie and Joel in The Last of Us season 2
The Last of Us season 2's new trailer teases a huge showdown between Bella Ramsey's Ellie and Pedro Pascal's Joel, but the big moment I'm waiting for is still being held back
Molecular hard drive
Chinese researchers are looking to create a revolutionary type of hard drive based on organic materials but huge unknowns remain
Quordle on a smartphone held in a hand
Quordle hints and answers for Monday, March 10 (game #1141)
NYT Strands homescreen on a mobile phone screen, on a light blue background
NYT Strands hints and answers for Monday, March 10 (game #372)
NYT Connections homescreen on a phone, on a purple background
NYT Connections hints and answers for Monday, March 10 (game #638)
Apple iPhone 16 Pro Max REVIEW
New iPhone 17 Air leak may have revealed some key specs – and how it compares to the iPhone 17 Pro Max
Dynabook Portégé Z40L-N
Dynabook's newest laptop has a 4-year warranty, a swappable battery, a weight of under 1 kg, and even a LAN port
Cortical Labs CL1
A breakthrough in computing: Cortical Labs' CL1 is the first living biocomputer and costs almost the same as 'Apple's best failure'
Workplace AI Adoption
ChatGPT remains the most popular AI tool in offices worldwide, survey finds, with India leading the way