Malware Families “Prynt” and “Saintstealer” are on a Stealing Spree

  • By Patrick Ryan
  • May 11, 2022

The use of malware designed to steal computer users’ information, including login credentials and system information, is rising. In particular, digital security specialists are shining the spotlight on Saintstealer and Prynt malware that steals credentials.  

How Do Prynt and Saintstealer Work?

After execution, the two malware families steal passwords, usernames, and credit card information. These forms of malware also steal information from a litany of locations throughout the entirety of the targeted system, compressing the data into a ZIP file that is protected by a password. The Saintstealer malware uses a NET-based 32-bit C# executable dubbed “saintgang.exe” to steal information. The malware is designed with checks for anti-analysis so that it can delete itself if operating in a virtual space or a sandbox.  

Saintstealer steals a plethora of data, including cookies, autofill information, screen captures, passwords, and more. The malware steals information within Chromium browsers, including the likes of Brave, Edge, Opera, Chrome, Yandex, and Vivaldi. Additionally, the malware is advanced to the point that it can pluck tokens for multi-factor authentication directly from the popular Discord chat platform. Saintstealer can also steal files with .docx, .doc, and .txt extensions and extract data from Open VPN, Nord VPN, Telegram, VimeWorld, and more.  

Once the information is stolen, it is copied to the hackers’ Telegram channel. The metadata is then exfiltrated to a C2 server, meaning command and control. The IP address tied to the C2 domain is connected to several stealer families ranging from EchelonStealer to Predator stealer, BloodyStealer, and Nixscare. 

Information stealers are a threat to businesses as well as everyday computer users. If Saintstealer gains access to the target’s infrastructure, it has the potential to cause significant problems within the cyberinfrastructure.  

What is Prynt Stealer All About?

Prynt Stealer has reared its ugly head, performing keylogging and stealing financial information with a clipper module. Prynt Stealer is advanced to the point that it can zero in on more than 30 Chromium browsers and half a dozen Firefox browsers and apps used for messaging, file sharing, and gaming. The malware is available to hackers for an ongoing subscription of $900. 

Prynt Stealer zeroes in on web browsers and apps to compromise targets’ financial information. Prynt Stealer users can even use the malware’s internal builder to develop a specialized spin that is difficult to detect, ultimately empowering the hackers to covertly pluck data from targets. Prynt scans through the target’s drives, steal information by scanning for keywords on the hard drive related to banking, and plucks the targeted information. 

Prynt Stealer is complex to the point that it can search a targeted computer’s hard drive to find digital wallets used to store cryptocurrency. The malware steals login credentials to access the e-wallet and steals the target’s cryptocurrency.

What Can Businesses and Everyday People Do to Avoid Prynt Stealer and Saintstealer?

Aside from implementing the latest digital security protections, it will also help if computer users at businesses and elsewhere remain mindful of the most common routes for transmitting malware. For example, it is unwise to click attachments or download files from unknown parties. Furthermore, using any form of torrent or cracked software also presents an opportunity for malware miscreants to wreak havoc.

About the Author
IDStrong Logo

Related Articles

Instagram Vulnerability Allowed Hackers Access to Control Your Phone

Security experts Check Point Research discovered a critical vulnerability while examining Instagra ... Read More

Alien Malware Infects More than 226 Mobile Apps and Steals Bank Data

As reported on September 24, 2020, by ZDNet and ThreatPost, a new strain of malware named “Alien ... Read More

Universal Health Systems Hit by Ransomware Attack

Universal Health Systems (UHS), a Fortune 500 company owning more than 400 hospitals across the co ... Read More

Exchange Server Bug Exposes a Big Risk to Hackers

Months after Microsoft released a patch to fix a serious flaw in MS Exchange Server, more than 61% ... Read More

Latest Articles

Fronton Botnet Tracks Online Activity and More

Fronton Botnet Tracks Online Activity and More

A botnet referred to as Fronton tracks activity on the internet and conducts illegal operations. The IoT botnet aims to steal information, disinform, and wreak general havoc on the web.

New Keylogger is Transmitted Through PDFs

New Keylogger is Transmitted Through PDFs

A keylogger is infecting computers through harmful PDF files. The snake keylogger centers on an email campaign that sends PDF files and other files from Microsoft Word programs.

Bug Might Allow Thieves to Steal Money from PayPal Accounts

Bug Might Allow Thieves to Steal Money from PayPal Accounts

The failure to quickly patch a bug might empower online criminals to steal money directly out of the accounts of PayPal users.

Featured Articles

How to Buy a House with Bad Credit

How to Buy a House with Bad Credit

Buying your own home is the American Dream, but it might seem out of reach to those with bad credit. However, the good news is, if your credit is less than perfect, you do still have options and in most cases, can still buy a home.

How Secure Is Your Password? Tips to Improve Your Password Security

How Secure Is Your Password? Tips to Improve Your Password Security

Any good IT article on computers and network security will address the importance of strong, secure passwords. However, the challenge of good passwords is that most people have a hard time remembering them, so they use simple or obvious ones that pose a security risk.

Top 10 Senior Scams and How to Prevent Them

Top 10 Senior Scams and How to Prevent Them

Senior scams are becoming a major epidemic for two reasons. First, seniors often have a lot of money in the bank from a life of working hard and saving.

Run a Free Identity Scan
Check if your information is compromised