SHurk Steal

The SHurk Steal is a threat written in C++ that targets Windows systems and aims to harvest sensitive information from them. Infosec researchers have noticed that the SHurk Steal is being offered for sale on underground hacker forums. Wannabe cybercriminals can obtain the threat for 400 rubles per week, 900 per month, or by making a one-time payment of 3000 rubles that would give them lifetime access to the stealer.

The consequences of being infected with the SHurk Steal could be devastating. The threat is capable of obtaining a vast amount of private data. It can compromise browser cookies and access account credentials, credit card numbers, or other details saved as autofill data in Chromium-based browsers.

Unfortunately, the threat's functionality doesn't stop here. The SHurk Steal can collect cryptocurrency wallets not connected to the net (known as cold wallets), other wallet files, and device details such as IP addresses. In addition, the threat could also attempt to hijack Telegram sessions.

The attackers can then exploit the obtained information in a variety of ways. They can conduct fraudulent transactions, try to extend their reach by compromising other accounts belonging to the victim, or simply offload the gathered data to other interested parties, most likely cybercriminal outfits.

