Russian intelligence ‘Snake’ malware

12:00am, 10 May 2023

TLP Rating: Clear

The National Cyber Security Centre (NCSC) has joined international partners in publishing a technical advisory on malicious cyber activity linked to malware used by Russia’s Federal Security Service (FSB) for long-term intelligence collection on sensitive targets.

Joint advisory: Hunting Russian intelligence 'Snake' malware [PDF, 4.1 MB]

The advisory has been published as part of a coordinated effort to raise awareness of this capability being used by sophisticated Russian state actors. The advisory is jointly issued by the: 

  • Australian Cyber Security Centre (ACSC),
  • Canadian Centre for Cyber Security (CCCS),
  • United Kingdom’s National Cyber Security Centre (NCSC-UK),
  • United States Cybersecurity and Infrastructure Security Agency (CISA),
  • Federal Bureau of Investigation (FBI),
  • National Security Agency (NSA),
  • United States Cyber Command, and
  • New Zealand’s National Cyber Security Centre (NCSC).

What's happening

Systems affected

While the NCSC is not aware of New Zealand organisations currently being impacted by the Snake malware, malicious cyber activity in New Zealand often reflects international trends. In the context of increased global tensions following Russia’s invasion of Ukraine, there is greater potential for cyber attacks.

What this means

We are making this advisory publicly available to help inform organisations’ cyber defence efforts. Information security leaders, technical specialists, security researchers, and academics are encouraged to review this advisory, consider the tactics, techniques and procedures (TTPs) described in it, and assess how they can support network defence and build resilience.

What to look for

How to tell if you're at risk

Organisations with high-value information, particularly those in sectors of strategic or geopolitical interest, should review the advisory closely to assess their exposure to targeted, long-term cyber intrusion. 

What to do

Prevention

If an organisation identifies malicious activity after reviewing this advisory, they should contact the National Cyber Security Centre. 
