reports that the new Prynt Stealer info-stealer malware has been developed with extensive stealth and data exfiltration capabilities to target various messaging apps, web browsers, and gaming apps.
Binary obfuscation and Rijndael-encrypted strings have been added to Prynt Stealer, which also encrypts its C2 communications with AES256 to evade detection, according to Cyble researchers.
The report noted that after scanning for and stealing various data smaller than 5KB, Prynt Stealer sets its sights on data stored in Google Chrome, Mozilla Firefox, and Microsoft Edge, including autofill data, credit card information, account credentials, cookies, and search histories. Further data scanning is then conducted to identify banking-, cryptocurrency-, and porn-related keywords before it targets Telegram, Discord, and Pidgin. Prynt Stealer also moves to exfiltrate gaming app authorization files and save game files from Minecraft, Steam, and Ubisoft Uplay, before proceeding to search for cryptocurrency wallets.
Threat actors could obtain Prynt Stealer for $100 a month, $200 a quarter, or $700 a year, but could also choose to pay $900 for a lifetime license.