CHARLOTTESVILLE, Va., April 28, 2022 /PRNewswire/ -- SafeGuard Cyber, the leading provider of security and compliance solutions for today's communication-based threats, is now able to detect the stealthy new info-stealer malware known as "Prynt Stealer."
Prynt Stealer recently emerged as a powerful new info-stealer malware that can harvest user credentials and other important data from web browsers, messaging apps, VPNs, FTP applications and cryptocurrency wallets. The malware also contains a clipper tool for cryptocurrency payment theft, and a keylogger for ongoing password and other key information theft from the victim's machine which could result in additional account compromises and other stolen information.
What Prynt Stealer Targets:
- Web browser data, including passwords, session cookies, autofill data, credit card information and search history. Stolen session cookies could also be used to target the web-based clients of business communication platforms. The malware affects Chrome-based, Firefox-based and MS Edge browsers.
- Messaging app passwords and other sensitive data, including Telegram, Discord and Pidgin. VPN and FTP application account credentials.
- Cryptocurrency wallet configuration files and databases, which allows the malware to steal the cryptocurrency. The malware also contains a "clipper" for redirecting cryptocurrency payments to the attacker's address.
- Gaming app authorization files.
Detecting Prynt Stealer:
Although the malware has several stealthy design features that make it difficult to detect, SafeGuard Cyber's security technology platform is able to instantly detect Prynt Stealer, even when obfuscated, across 30 communication channels, including email, messaging apps like Telegram and collaboration channels.
SafeGuard Cyber's patented Natural Language Understanding technology also detects the social engineering language threat actors will use to distribute this and other types of malware in the initial phishing attack, whether it occurs over email, messaging apps or business communication platforms like Slack.
Threats to Business Communication Channels:
SafeGuard Cyber's D7 Threat Intelligence Unit also warns that threat actors could use Prynt Stealer to directly target employee accounts on business communication platforms like Slack, as many of these applications have a web-based client. Attackers have a history of using stolen session cookies to infiltrate communication channels, as in the 2021 EA breach.
Attackers could also use Prynt Stealer to move laterally within an organization, after the initial compromise, by propagating the malware in these trusted communications channels. This would allow a threat actor to shift the attack from an individual compromise to an enterprise-wide attack.
For organizations that would like more information about the risks Prynt Stealer poses to business communication channels and messaging apps, read SafeGuard Cyber's online explainer, "Prynt Stealer Malware Targets Messaging Apps."
About SafeGuard Cyber
SafeGuard Cyber provides the only comprehensive technology solution for addressing cybersecurity threats and compliance risks across the modern cloud workplace. The company's patented and award-winning Natural Language Understanding technology analyzes and correlates conversations across 30 communication channels and 52 languages, including collaboration, social, chat, messaging, and conference platforms, in order to detect and prevent communication-based threats like social engineering. By stopping attacks at the social engineering stage, SafeGuard Cyber allows companies to prevent data breaches, ransomware, invoice fraud, and many other threats. The company's cloud-based machine learning also provides compliance solutions for governance and policy enforcement that empower customers to communicate through modern apps and social networking. Learn more at www.safeguardcyber.com.
SOURCE SafeGuard Cyber
WANT YOUR COMPANY'S NEWS FEATURED ON PRNEWSWIRE.COM?
Newsrooms &
Influencers
Digital Media
Outlets
Journalists
Opted In
Share this article