By GoldSparrow in Trojans

Threat Scorecard

Ranking: 16,679
Threat Level: 10 % (Normal)
Infected Computers: 46
First Seen: April 16, 2014
Last Seen: September 17, 2023
OS(es) Affected: Windows

Handsnake is a RAT, or Remote Access Trojan, which allows third parties to take control over the computer and control it from a remote location. Handsnake is just one of various threats that are being used by a particularly pernicious group. Handsnake has been used in association with threats that specifically target high profile organizations such as banks and government institutions in order to collect sensitive data and money from victims. Handsnake allows third parties to gain access to infected computers, allowing them to gather important data. The gathered data may be used for industrial espionage or other high profile activities. Handsnake is distributed through corrupted email messages which contain a JAR, or Java attachment that links to a third party server and downloads and executes a threatening file.

Analyzing the Attacks Linked to Handsnake

Handsnake may be associated with Netwire, another Rat that has been active since 2012. Both of these unsafe components are usually distributed using spam email messages and may be hosted on servers that have been compromised by hackers. Handsnake may extract email addresses from victims' computers. Handsnake also contains a stats tracker that allows hackers to know exactly how effective the Handsnake attack is. Handsnake has also been linked to the DarkComet RAT and to many threatening POS (Point of Sale) threats that may be used to collect sensitive information from compromised computers.

Killing this Snake with Your Hands

If your computer, by any chance, could have been exposed to Handsnake, you should take steps to safeguard your sensitive data. Avoid using the infected computer to access your online accounts and other sensitive data (such as online banking websites) and use a separate computer that is not compromised to change your passwords if possible. It is then important to use a fully updated and actual anti-malware tool to identify and remove all traces of Handsnake. Handsnake will seldom attack alone. Typically, a Trojan downloader is used to install Handsnake and Handsnake may be installed along with various other threats.


Most Viewed