| Category: Malware Intelligence | Type/Family: Information Stealer | Industry: Multiple | Region: Global |
- On 15 August 2022, CloudSEK’s contextual AI digital risk platform XVigil discovered a threat actor sharing a GitHub link to the source code of the Prynt Stealer.
- Instructions for creating a bot on Telegram, to use the Prynt Stealer, have also been shared.
- The Prynt stealer is available on the marketplace at a price of USD 100 per month.
- It can be delivered via infected email attachments, malicious download links or files, online advertisements, and many other ways.
- Prynt Stealer's functionality allows it to go into stealth mode and steal sensitive information from the system.
- The following information can be collected using Prynt Stealer:
  - Passwords, cookies, auto-fills, bookmarks, history, and credit cards.
  - System and hardware information.
  - Information from mail clients, FTP clients, etc.
  - Credentials from browser-based crypto wallets.
  - Clipper and Keyloggers.
  - Credentials and logs from VPNs.
- The stealer has a built-in Prynt Crypter and a file spoofer which can spoof any file extension and track victims.
- It also offers a Crypto-Malware which can be used to send or receive victims’ cryptocurrency.
- The stealer deletes the server, allowing it to go into stealth mode and making it difficult to find.
- It has a built-in Microsoft Excel exploit along with a file pumper, which inflates the file to any specified size (in KB, MB, or GB).
- After buying the stealer, the buyer needs to go on Telegram to create a bot using @BotFather.
- Once the bot is created, a Telegram HTTP API token is received, which is to be used in the builder of Prynt Stealer.
- Next, the buyer needs to get a chat ID from @id_chatbot and put the number into the builder.
- Once all the above steps are done, the stealer is ready to be delivered to the victims' machines.
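
Because each build carries a Telegram bot token and chat ID, infected hosts can be hunted for in web proxy logs. The following detection sketch is an added example, not code from CloudSEK or from the stealer; it assumes the malware reaches Telegram through the public Bot API at api.telegram.org, and the log layout, addresses and token are constructed.

```python
import re
from urllib.parse import urlsplit

# Bot API requests have the form https://api.telegram.org/bot<id>:<secret>/<method>
BOT_CALL = re.compile(r"^/bot(\d+):[A-Za-z0-9_-]{30,}/(\w+)$")
UPLOADS = {"sendmessage", "senddocument", "sendphoto", "sendmediagroup"}
RECORD = re.compile(r'^(\S+) (\S+) (\S+) (\S+) "([^"]*)"$')
RANK = {"low": 0, "medium": 1, "high": 2}

def classify(line):
    """Return a finding for a request to the Telegram Bot API, else None."""
    m = RECORD.match(line.strip())
    if not m:
        return None
    ts, client, verb, target, agent = m.groups()
    # CONNECT records (no TLS inspection) carry only host:port, so add "//"
    url = urlsplit(target if "://" in target else "//" + target)
    if (url.hostname or "").lower() != "api.telegram.org":
        return None
    finding = {"time": ts, "client": client, "agent": agent,
               "bot_id": None, "method": None, "severity": "low"}
    call = BOT_CALL.match(url.path)
    if call:  # full URL visible: keep the bot id for pivoting, drop the secret
        finding["bot_id"], finding["method"] = call.groups()
        uploads = call.group(2).lower() in UPLOADS
        finding["severity"] = "high" if uploads else "medium"
    return finding

def hosts_to_triage(lines):
    """Map each client address to its highest-severity finding."""
    worst = {}
    for finding in filter(None, map(classify, lines)):
        seen = worst.get(finding["client"])
        if seen is None or RANK[finding["severity"]] > RANK[seen["severity"]]:
            worst[finding["client"]] = finding
    return worst

# Constructed sample: time, client, verb, target, "user agent"
TOKEN = "1234567890:" + "A" * 35  # placeholder, not a real bot token
SAMPLE_LOG = [
    f'2022-08-16T09:14:02Z 10.0.4.17 POST https://api.telegram.org/bot{TOKEN}/sendDocument?chat_id=1000000001 ""',
    '2022-08-16T09:14:01Z 10.0.4.17 CONNECT api.telegram.org:443 ""',
    '2022-08-16T09:20:45Z 10.0.7.30 CONNECT api.telegram.org:443 "Mozilla/5.0"',
    f'2022-08-16T09:31:10Z 10.0.8.2 GET https://api.telegram.org/bot{TOKEN}/getMe ""',
    '2022-08-16T09:40:00Z 10.0.9.5 GET https://example.org/index.html "Mozilla/5.0"',
]

if __name__ == "__main__":
    for client, f in sorted(hosts_to_triage(SAMPLE_LOG).items()):
        print(client, f["severity"], f["bot_id"], f["method"])
```

Hostname-only hits are rated low because legitimate Telegram bots and clients use the same endpoint; a bot ID recovered from a full URL can be searched for across other hosts' traffic.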
| itrio | Sputnik | Vivaldi | Coowon | Liebao | Sleipnir 6 | QIP Surf |
| Crypto Wallets | Metamask | Armory | Atomic Wallet | Bitcoin Core | Byte-coin | Jaxx | Litecoin Core |
| VPN | Nord VPN | Open VPN | Proton VPN |