Researchers at cyber threat intelligence company Cyble have discovered a very powerful Windows infostealer named Prynt Stealer, which has been described as one of the most pressing cybersecurity threats at the moment.
What can Prynt Stealer do?
The infostealer is advertised on some Telegram channels as being able to steal people’s data and carry out complex direct financial compromises.
According to Cyble’s in-depth analysis, Prynt Stealer is capable of penetrating corporate networks, helped by modules for anti-analysis, keylogging and clipping.
The targets of recent attacks by Prynt Stealer have included, among others, five Firefox-based browsers, some cryptocurrency wallets and a wide range of messaging and gaming apps. Thanks to its very powerful features, the popularity of Prynt Stealer in cyberattacks is growing steadily.
The price of access to this infostealer is relatively low, with its developers selling subscriptions at $100 per month, $200 per quarter, $700 per year, or $900 for life. Although this malware has enormous potential for theft of sensitive data and financial damage, the doubtful reliability of its server infrastructure might slow its rise in popularity.
How does it work?
Prynt Stealer works by first scanning every drive on the host and collecting documents, source code, database files and image files with a size of up to 5 KB; next, it targets autofill data, passwords, search history and credit card information stored in web browsers.
Subsequently, the program targets messaging apps such as Telegram and Discord, as well as gaming app authorization files. The stolen data is exfiltrated via a Telegram bot, which uses a secure, encrypted network connection to communicate with a remote Command and Control (C2) server.
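One way to hunt for the Telegram bot channel described above, shown as an added example that is not taken from Cyble's analysis or from the original article: it flags any process outside an expected set that connects to the public Telegram Bot API host. The log format, host names, process paths and allowlist are constructed assumptions.

```python
import csv
import io
from collections import defaultdict

# Public Telegram Bot API endpoint; bots talk to it over HTTPS.
BOT_API_HOST = "api.telegram.org"

# Assumption: processes expected to reach Telegram in this environment.
ALLOWED_PROCESSES = {"telegram.exe", "firefox.exe", "chrome.exe", "msedge.exe"}

# Constructed sample of endpoint network telemetry (not real data).
# Columns: timestamp, hostname, process image path, destination host, bytes sent
SAMPLE_LOG = r"""
2022-05-02T09:14:07Z,WS-0142,C:\Program Files\Mozilla Firefox\firefox.exe,api.telegram.org,812
2022-05-02T09:15:31Z,WS-0142,C:\Users\alice\AppData\Roaming\Telegram Desktop\Telegram.exe,api.telegram.org,2048
2022-05-02T09:17:55Z,WS-0207,C:\Users\bob\AppData\Local\Temp\invoice_viewer.exe,api.telegram.org,48213
2022-05-02T09:17:58Z,WS-0207,C:\Users\bob\AppData\Local\Temp\invoice_viewer.exe,api.telegram.org,153990
2022-05-02T09:20:12Z,WS-0207,C:\Windows\System32\svchost.exe,update.example.com,512
"""

def process_name(image_path):
    """Return the lower-cased file name from a Windows image path."""
    return image_path.replace("/", "\\").rsplit("\\", 1)[-1].lower()

def find_suspect_bot_traffic(log_text, allowed=ALLOWED_PROCESSES):
    """Group Bot API connections from unexpected processes by (host, image)."""
    hits = defaultdict(lambda: {"connections": 0, "bytes_sent": 0})
    for row in csv.reader(io.StringIO(log_text.strip())):
        if len(row) != 5:
            continue  # skip malformed lines rather than failing the whole run
        _ts, host, image, dest, sent = (field.strip() for field in row)
        if dest.lower().rstrip(".") != BOT_API_HOST or not sent.isdigit():
            continue
        if process_name(image) in allowed:
            continue
        entry = hits[(host, image)]
        entry["connections"] += 1
        entry["bytes_sent"] += int(sent)
    return dict(hits)

if __name__ == "__main__":
    for (host, image), stats in find_suspect_bot_traffic(SAMPLE_LOG).items():
        print(f"{host}: {image} -> {BOT_API_HOST} "
              f"({stats['connections']} connections, {stats['bytes_sent']} bytes sent)")
```

Matching on file name alone is easy to evade by renaming a binary, so a production rule should allowlist on full image path or code-signing publisher instead.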
A final word
The existence of such means for conducting cyberattacks should remind all of us that the great potential that current technological evolution brings to society often comes with severe dangers.
Since the threats posed by the growing use of Prynt Stealer are real, it is common for people to wonder what actions they can take to safeguard themselves from this malware.
In this regard, some simple advice for everyone is to always use strong and, where possible, different passwords with 2FA, and to minimize the use of third-party download sources.
Author: Giulio Caputi