Krypton Stealer

The Krypton Stealer is likely a Russian made info stealer. Its authors are selling the Krypton Stealer on Russian hacking forums. It is not specified what the exact price of this info stealer is but it is likely rather cheap, as tools of this type that are made in Russia tend to be sold at pretty low prices. The payment is required to be in the shape of Ethereum or Bitcoin. Having in mind how cheaply such hacking tools are usually sold, it is likely that many shady individuals will take advantage of this offer, which may result in thousands of victims worldwide.

The Krypton Stealer is written in the C++ and C programming languages. It can be deployed in attacks against machines running Windows 7 and every other Windows version newer than that successfully. The main goal of the Krypton Stealer is to gather data from the compromised host. It also is capable of hiding its tracks because its payload is rather small in size and can, therefore be obfuscated easily to stay under the radars of anti-malware applications.

The authors of the threat have included quite a few features in the Krypton Stealer. Once up and running, it can collect data from Web browsers such as Google Chrome, Internet Explorer, Opera, Sputnik, Amigo, Vivaldi, Maxthon, etc. The data the Krypton Stealer targets is privileged information such as credit card data, passwords, search history, auto-completion details and download information.

The stealer targets several programs that cybercriminals focus on - VPN clients, FTP clients and Telegram. More specifically, the Krypton Stealer can snatch credentials from Filezilla, TotalCommander, FTPNavigator, and the VPN clients Proton and Nord.

The Krypton Stealer also is capable of collecting information about cryptocurrency wallets. It targets files, which are connected to cryptocurrency wallet services like Ethereum, Jaxx, Exodus and Electrum. The info stealer is operated via a control panel. The authors of the Krypton Stealer state that there are updates planned in the future, and it is likely that they will add more features and thus attract more clients.

Normally, as hard as they try to stay on the down low, info stealers tend to get spotted by anti-virus tools rather easily. This is why it is important to make sure you have downloaded and installed an anti-spyware application, which would keep you safe from the Krypton Stealer.