The cybersecurity company Kaspersky recently released a security report disclosing a new type of Crypto Assets information stealing program named “Stealka”. This malware primarily targets Windows users, disguising itself as game cracking programs, cheating tools, and popular game MODs, spreading through various channels, posing a serious threat to Crypto Assets users.
Reports indicate that Stealka was first discovered in November of last year. Attackers exploited it to hijack user accounts, steal Crypto Assets, and implant mining programs on the victims' computers. Even more misleading, this malware is often distributed through seemingly “legitimate” platforms like GitHub, SourceForge, and Google Sites, disguised as Roblox game MODs or even cracked versions of office software such as Microsoft Visio.
Kaspersky researcher Artem Ushkov pointed out that some attackers also use artificial intelligence tools to create phishing websites that look extremely professional, further increasing the success rate of deception. This makes it easy for ordinary users to unknowingly infect their devices with malware when downloading game MODs or cracked software.
On a technical level, the dangers of Stealka are particularly pronounced. It primarily targets browser data based on the Chromium and Gecko kernels, meaning that more than 100 mainstream browsers, including Chrome, Firefox, Edge, Brave, Opera, and Yandex, may be affected. Its theft targets not only include browser autofill information such as login accounts, addresses, and payment card data, but also cover the configurations and databases of 115 browser extensions.
Kaspersky confirmed that up to 80 affected crypto wallets include mainstream wallets and ecosystems such as MetaMask, Trust Wallet, SafePal, Phantom, and Exodus. At the same time, instant messaging software such as Discord and Telegram, email clients, password managers, gaming platforms, and even VPN applications may also become targets of the attack.
In response to this risk, Kaspersky suggests that users avoid using pirated software and unofficial game MODs, install reliable antivirus software and password management tools, and try not to save sensitive password information in the browser. In the context of the increasingly complex security situation of Crypto Assets, raising security awareness has become a key factor in protecting digital assets that cannot be ignored.
Disclaimer: The information on this page may come from third parties and does not represent the views or opinions of Gate. The content displayed on this page is for reference only and does not constitute any financial, investment, or legal advice. Gate does not guarantee the accuracy or completeness of the information and shall not be liable for any losses arising from the use of this information. Virtual asset investments carry high risks and are subject to significant price volatility. You may lose all of your invested principal. Please fully understand the relevant risks and make prudent decisions based on your own financial situation and risk tolerance. For details, please refer to
Disclaimer.
