KuinaExtractor Infostealer Targets Browser Data and Crypto Wallets

The newly identified KuinaExtractor infostealer, written in Rust, has been evolving for over six months and poses a significant threat to users across various platforms. It targets sensitive data, including browser information, cryptocurrency wallets, and credentials for popular services like Roblox, Steam, and Discord. The malware employs advanced techniques such as Telegram for data exfiltration, User Account Control (UAC) bypass, and sandbox detection to enhance its stealth capabilities. Analysis indicates a single-operator lineage with a focus on concealment rather than new features. The ongoing threat is compounded by its ability to affect a wide range of users, making it a growing concern in the cybersecurity landscape.

Key Points: • KuinaExtractor is a Rust-based infostealer targeting browser data and crypto wallets. • The malware uses Telegram for exfiltration and employs UAC bypass techniques. • It has been evolving for over six months, indicating a sustained threat to users.