Concerns Rise Over New Crypto Infostealer Spread via Video Game Mods
Full Transcript
New malware has been discovered that targets crypto wallets and browser extensions while disguising itself as game cheats and mods, according to cybersecurity firm Kaspersky. Kaspersky reported that this infostealer, dubbed Stealka, was uncovered in November and primarily targets Microsoft Windows user data.
Attackers have used Stealka to hijack accounts, steal cryptocurrency, and install crypto miners on victims' computers. The malware masquerades as video game mods, particularly for Roblox, and as software cracks for applications like Microsoft Visio.
This malware has been distributed through legitimate platforms such as GitHub, SourceForge, and Google Sites. Kaspersky researcher Artem Ushkov noted that Stealka's capabilities are extensive, making it particularly dangerous as it targets data from browsers built on Chromium and Gecko engines.
This poses a risk to over 100 different browsers, including popular ones like Chrome, Firefox, and Edge. The primary targets of Stealka include autofill data like sign-in credentials, addresses, and payment card details, along with the settings and databases of 115 browser extensions related to crypto wallets, password managers, and two-factor authentication services.
The 80 crypto wallets targeted include Binance, Coinbase, Crypto.com, SafePal, Trust Wallet, and MetaMask. Messaging apps such as Discord and Telegram, email clients, password managers, gaming clients, and VPN applications are also at risk.
To enhance protection, Kaspersky recommends using reliable antivirus software, using a password manager instead of storing passwords in browsers, and avoiding pirated software and unofficial game mods. The report also highlights a concerning trend reported by Cloudflare, stating that over 5% of all emails sent worldwide contain malicious content, with more than half containing phishing links.