SHurk Steal, an Infostealer, Rented Out by Malware Developers
SHurk Steal is a malicious application whose creators are renting it out to likeminded criminals. Unfortunately, it seems very likely that SHurk Steal may attract a lot of attention from the hacking community. Its authors are asking for just 400 Rubles per week in exchange for full access to SHurk Steal's features. This information stealer can also be purchased for a one-time fee of 3000 Rubles. Its creators claim that it is able to bypass Windows security measures and then exfiltrate sensitive data from the system it penetrates.
But what types of information can SHurk Steal access?
After it manages to establish itself on the compromised system, it will proceed to contact the remote command and control server. The implant then awaits further instructions. It is able to obtain information from Google Chrome and Chromium Web browsers. Furthermore, it can capture cryptocurrency wallets and wallet files. The malware is also able to hijack Telegram sessions, which could provide criminals with access to the victim's Telegram profile.
SHurk Steal's ability to target Chromium browsers is undoubtedly the biggest threat. By stealing the browser's database, the criminals could potentially recover login details, cookies, accounts, and more.
Since SHurk Steal is being sold freely, it is safe to assume that the criminals may be using all sorts of tricks to spread it online. These include:
- Targeted email spam with malicious URLs or attachments.
- Pirated content – games, software, etc.
- Fake ads and pop-ups.
- Misleading websites with bogus content.
The good news about malware-as-a-service projects like this one is that antivirus vendors are quick to detect them. The SHurk Steal infostealer is easily identifiable by reputable antivirus tools. They will detect and eliminate the threat before it gets a chance to access any of the data on your device. We advise users to invest in reputable antivirus software to thwart such malware attacks.