The crypto sector is not new to attracting advanced and sophisticated hackers looking to steal big capital from investors or exchanges. In a fresh development, cybersecurity firm Kaspersky has flagged a new infostealer malware called “Stealka” that is targeting the virtual assets sector. Those crypto investors who are also big on video games, especially, are high-risk targets of this malware.
Built to thrive on Microsoft Windows, the malware is disguised as either cheat codes or modifications for video games. Kaspersky said that Stealka is capable of targeting browser extensions for multiple crypto wallets.
“Binance, Coinbase, Crypto.com, SafePal, Trust Wallet, MetaMask, Ton, Phantom, Exodus are some of the most popular extensions now at risk,” the cyber security firm noted, listing browsers like Chrome, Firefox, Opera, and Edge among those under threat from Stealka.
Given the infostealer status of the malware, the encrypted private keys, seed-phrase data, wallet file paths, and encryption parameters of crypto wallets can be compromised and obtained by the deployer of the Stealka malware.
“That’s enough to at least make an attempt at stealing your cryptocurrency. At risk are 80 wallet applications, including Binance, Bitcoin, BitcoinABC, Dogecoin, Ethereum, Exodus, Mincoin, MyCrypto, MyMonero, Monero, Nexus, Novacoin, Solar, and many others,” Kaspersky noted.
Kaspersky has suggested that gamers using Windows must keep their antivirus softwares up-to-date to be safe against Stealka. It added that storing sensitive information like bank credentials, email sign-ins on the browsers must be strictly avoided in general as well.
“Be careful with game cheats, mods, and especially pirated software. It’s better to pay up for official software than to chase the false savings offered by software cracks, and end up losing all your money. Enable two-factor authentication or use backup codes wherever possible,” the security firm’s official post noted.
As per a recent Chainalysis report, crypto hacks have cost the industry over $3.4 billion this year. Wallet and private keys have emerged as popular targets for the hackers.