New Malware Threat Targets Crypto Wallets and Browser Extensions
Cybersecurity firm Kaspersky has uncovered a sophisticated new malware campaign that poses a significant threat to cryptocurrency users and browser data. The malware, named “Stealka,” is designed to harvest sensitive information from Windows systems and is distributed through seemingly innocent gaming and software-related platforms.
Discovered in November, Stealka masquerades as game cheats, mods, and cracks, particularly for popular titles like Roblox, along with software cracks for applications such as Microsoft Visio. The malware leverages trusted sites such as GitHub, SourceForge, and Google Sites to spread, making it particularly insidious. Cybercriminals are also creating highly convincing fake websites that appear professional, using artificial intelligence tools to lure victims more effectively.
A fake website impersonating Roblox scripts, Source: Kaspersky
Targeting Browser Data and Cryptocurrency Wallets
Kaspersky researcher Artem Ushkov emphasized that Stealka possesses an extensive array of capabilities, notably targeting browser data from over 100 Chromium and Gecko-based browsers, including Chrome, Firefox, Opera, Yandex, Edge, and Brave. This broad range exposes a large user base to potential compromise.
The malware primarily aims to extract autofill data such as login credentials, addresses, and payment card information. Additionally, it targets the databases and settings of 115 browser extensions related to crypto wallets, password managers, and two-factor authentication services—making digital assets and credentials highly vulnerable.
Among the targeted crypto wallets are major platforms like Binance, Coinbase, Crypto.com, SafePal, Trust Wallet, MetaMask, Ton, Phantom, Nexus, and Exodus. Messaging apps such as Discord, Telegram, Unigram, Pidgin, and Tox, along with email clients, VPN applications, and gaming clients, are also at risk.
Protection Strategies
Kaspersky recommends users employ reputable antivirus software and password managers, avoiding the practice of storing passwords directly within browsers. It also advises against using pirated software and unofficial game modifications, which are common vectors for malware spread. Keeping software up-to-date and remaining cautious about sources for downloads are key steps in protecting oneself from such threats.
Recent reports from Cloudflare highlighted that over 5% of all emails worldwide contain malicious content, with more than half of these including phishing links and malicious HTML attachments. This underscores the importance of vigilance across all digital interactions in safeguarding crypto assets and personal information.
This article was originally published as Stealth Malware Infects Crypto Wallets Through Popular Game Mods on Crypto Breaking News – your trusted source for crypto news, Bitcoin news, and blockchain updates.
