Snake Social & Spyware

 



Over the years some members of Snake Social seemed to possess an uncanny sense of what was going on around me.  They'd make coincidental comments that had to do with what I might be watching on TV, or listening to on the radio, or what I'd been talking about. Food I had eaten, sometimes very specifically, such as spaghetti squash or like 3 dozen donuts I purchased for a party, or know the exact episode of a National Geographic TV show I was watching. They could post lyrics of songs I was listening to as I was listening to them. Odd, right?

It's like how Alexa will overhear your conversations and start advertising the very thing you were talking about.  I'd bring it up to the chat room and most were very quick to point out that it was coincidence and that I was going crazy, Snake and 50 most vocally.

My husband at the time reminded me the iPhone was unhackable.  The security was top notch and all the apps were isolated.  He cautioned me to never click on links that would download something that might accidentally install.  Yes, I know this. It was unthinkable that spy software could be installed without some kind of user interaction.  That's what we've been taught after all.

After more than "coincidental" messages it became quite clear that someone was listening in. Even he became a believer. We were convinced.  After longer trips away from home the data usage on the phone bill was astronomical.  Attempts were made to remove the bugs with little success.  Factory reset wouldn't rid the device of the bugs at all.  Eventually the phones were traded in or destroyed and likely the perverts now were listening in on whoever inherited the outdated phone in Beijing or Mexico.  I vowed never to click one of their tainted links again.  Though, knowing what we know now, they've probably been listening in the entire time.

In 2020 a zero-click spyware sponsored by the Israeli government was discovered.  Zero-click means the spyware will install on a phone without user interaction.  Pegasus indeed only had to load a picture and the phone was infected.  Much ado was made about this since the Israelis could spy on anyone who looked at the tainted image.  Their spy network had spread all over the world and nobody was the wiser. In theory this exploit was fixed by Apple in 2020.  Problem solved! Yes, I felt vindicated.

Your phone may be infected by spyware linked via Snake Social.

  • The spyware is installed with user interaction.  A link or button on a web page must be clicked by the user.  This executes the exploit script.  
  • All platforms are susceptible to this spyware: iOS, Android, OSX, Chromebook, and Windows.
  • Newer security updates have not fixed the exploits this spyware uses.  It was observed to have infected an updated Samsung Galaxy S23.
  • Clues your device has been infected include:
    • sluggish performance
    • fast battery drain
    • your device is hot
    • "coincidental" comments on snake-social.com
    • increased data usage

Snake and his minions shuttered The Hill's comment section for good due to their relentless harassment of others and awful behavior.  We also believe members of SS have used the Disqus platform to distribute spyware. The Disqus management seems unaware or complacent. This included The Hill comment section. The replacement comment section at Mediaite does not allow embedded links in their posts. Links are essential to spread this specific spyware, we believe.  Snake opened up snake-social.com as a "free speech" hangout for his group of acolytes.  He would spam the Mediaite boards with invitations to come gossip on SS and this enabled devices to continue to be infected with malware.

It turns out Snake and his minions were sowing quite a lot of chaos with spyware.  I'd lose access to accounts mysteriously.  For example, my replacement low-fi comment section, commento.io, would go down on a daily basis.  I assumed, since they had hacked the unhackable iPhone, that they were super hackers.  Figuring out weaknesses in the API or doing dictionary attacks on my passwords.  I could not figure out how they were getting in. How could these losers be super hackers? I thought.

I gave up on commento and made my own comment section using React and node.js.  I had absolute control over the comments.  I could observe all the traffic going into it.  I could see information about all the people using it.

I noticed some very interesting traffic going to my server.  The traffic couldn't possibly have come from the frontend I had created.  They weren't well formed commands.  They were missing arguments the web page would have provided.  I started looking at where this traffic was coming from and was very surprised to discover it had originated from my hacked iPhone.
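The kind of check described above, written out for a Node.js comment backend as an added example (it is not the author's server code): it flags requests missing what the real frontend always sends and groups them by source address. The field names, the `x-requested-with` marker value and the sample requests are assumptions constructed for illustration.

```javascript
// Added example. Assumed contract: the real frontend always sends these
// three string fields plus a marker header. The header is spoofable, so a
// mismatch is a triage signal, not authentication.
const REQUIRED_FIELDS = { threadId: 'string', body: 'string', clientNonce: 'string' };
const FRONTEND_MARKER = 'comment-widget';

// Returns the list of reasons a request cannot have come from the frontend.
function checkRequest(req) {
  const reasons = [];
  const payload = req.body;
  if (payload === null || typeof payload !== 'object' || Array.isArray(payload)) {
    reasons.push('payload is not a JSON object');
  } else {
    for (const [field, type] of Object.entries(REQUIRED_FIELDS)) {
      if (!(field in payload)) reasons.push(`missing field: ${field}`);
      else if (typeof payload[field] !== type) reasons.push(`wrong type: ${field}`);
    }
  }
  if ((req.headers || {})['x-requested-with'] !== FRONTEND_MARKER) {
    reasons.push('missing frontend header');
  }
  return reasons;
}

// Groups malformed requests by source address (req.ip is assumed to be the
// real peer address, i.e. no untrusted proxy header is being believed).
function summarizeBySource(requests) {
  const bySource = new Map();
  for (const req of requests) {
    const reasons = checkRequest(req);
    if (reasons.length === 0) continue;
    const entry = bySource.get(req.ip) || { count: 0, reasons: new Set() };
    entry.count += 1;
    reasons.forEach((r) => entry.reasons.add(r));
    bySource.set(req.ip, entry);
  }
  return bySource;
}

// Constructed sample traffic (documentation-range addresses).
const OK_HEADERS = { 'x-requested-with': FRONTEND_MARKER };
const SAMPLE = [
  { ip: '192.0.2.10', headers: OK_HEADERS, body: { threadId: 't1', body: 'hi', clientNonce: 'a1' } },
  { ip: '198.51.100.7', headers: {}, body: { body: 'hello' } },
  { ip: '198.51.100.7', headers: OK_HEADERS, body: { threadId: 5, body: 'x', clientNonce: 'b2' } },
  { ip: '192.0.2.10', headers: OK_HEADERS, body: { threadId: 't1', body: 'ok', clientNonce: 'a2' } },
];

for (const [ip, e] of summarizeBySource(SAMPLE)) {
  console.log(ip, e.count, [...e.reasons].join('; '));
}
```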

How was this possible?

How was my iPhone posting by itself? That was sitting in a drawer. 👀

Suddenly everything made sense.  

They weren't super hackers.  

They were amateurs.  

They were using a backdoor.

No matter how secure your phone is.  No matter how secure your network is from outside attacks.  No matter how secure your password is.  It can all be bypassed with a backdoor.

Most of us leave our web pages logged in on our phones.  Our email stays logged in.  Disqus and Mediaite stay logged in.  Our banking apps stay logged in.  These amateurs.  These script kiddies.  These no talent perverts were using tools made by much more talented programmers to do their dirty work.

Here's what we know of the capabilities of the Snake Social Spyware:

  • They can listen in on your microphone
  • They can stream video from your cameras
  • They can interact with any web pages you've left logged in
    • hijack accounts
    • steal banking info
  • They can browse photo albums

Here's what they could potentially do:

  • spread to other computers on your local network
  • capture your screen and keyboard to capture passwords
  • open and interact with apps other than the web browser
  • lock your phone and hold it ransom

So how do you get rid of it?

As has been observed, the spyware survives factory reset actions.  The only way to get rid of it is to format your hard drives or reimage your phone.  This involves downloading a Windows ISO from Microsoft or an image from sammobile.com or Google. Something average users are not capable of doing.

Infected devices should be isolated.  Disconnect them from your home network and put them in airplane mode.  A Faraday box or microwave is the best method of completely isolating it.

Yes. I have the infected devices. 

We will discuss in comments. We have many stories. Comments will open shortly. Please add your experience: