New Crypto Infostealer 'Stealka' Disguised as Game Mods Exploits Users, Reports Kaspersky

Cybersecurity experts have revealed a new malware called Stealka that poses as game modifications to compromise crypto wallets and gather sensitive online data.

Kaspersky has recently discovered a new type of malware known as Stealka that pretends to be video game modifications and pirated software, aiming to steal crypto wallets, passwords, and browser data.

Kaspersky released a report on Thursday announcing the identification of Stealka, which targets Microsoft Windows users.

Cybercriminals are using this malware, first found in November, to hijack accounts, steal cryptocurrency, and install crypto miners on victims’ computers, with the malware posing as video game cheats and mods.

This malicious software has been distributed through legitimate websites like GitHub, SourceForge, and Google Sites, often masquerading as game mods, especially for Roblox, and as software cracks for programs like Microsoft Visio.

Kaspersky researcher Artem Ushkov mentioned that attackers might even employ artificial intelligence tools to create comprehensive fake websites that appear highly credible.

Image: A fake website pretending to offer Roblox scripts. Source: Kaspersky

Targeting Crypto Wallets and Extensions

Ushkov indicated that Stealka possesses an extensive range of capabilities but is particularly concerning as it primarily extracts data from browsers built on Chromium and Gecko engines, placing over 100 different web browsers, such as Chrome, Firefox, Opera, Yandex, and Edge, at risk.

The malware’s primary targets include autofill data like sign-in credentials, addresses, and payment card information, as well as settings and databases of 115 browser extensions related to crypto wallets, password managers, and two-factor authentication services.

Among the 80 crypto wallets affected by the malware are Binance, Coinbase, Crypto.com, SafePal, Trust Wallet, MetaMask, Ton, Phantom, Nexus, and Exodus. Kaspersky also reported that messaging applications, email clients, password managers, gaming clients, and even VPNs are at risk.

Best Practices to Avoid Infostealers

To protect against such threats, Kaspersky advises using reliable antivirus software and password managers, avoiding password storage in browsers, as well as steering clear of pirated software and unofficial game mods.

Cloudflare recently reported that over 5% of all emails sent globally contain malicious content, with more than half including phishing links, and a quarter of all HTML attachments deemed harmful.
