Video game mods are spreading new ‘Stealka’ crypto infostealer: Kaspersky

cointelegraph | Published 2025-12-22 | Updated 2025-12-22

Summary

A new malware called "Stealka" is targeting cryptocurrency wallets and browser extensions by disguising itself as video game cheats, mods, and software cracks, according to Kaspersky. The infostealer, discovered in November, is distributed through legitimate platforms like GitHub and Google Sites, and sometimes via fake professional-looking websites. It primarily targets Chromium and Gecko-based browsers—including Chrome, Firefox, and Edge—and steals autofill data, login credentials, and payment details. It also specifically targets 115 browser extensions related to crypto wallets, 2FA services, and password managers, including Binance, MetaMask, Trust Wallet, and Coinbase. Kaspersky advises using reliable antivirus software, avoiding pirated software and unofficial mods, and refraining from storing passwords in browsers.

New malware has been discovered that targets crypto wallets and browser extensions while disguising itself as game cheats and mods, says cybersecurity firm Kaspersky.

Kaspersky reported on Thursday that it had uncovered a new infostealer dubbed “Stealka,” which targets Microsoft Windows user data.

Attackers have used the malware, which was discovered in November, to hijack accounts, steal cryptocurrency, and install crypto miners on their victims’ computers while masquerading as video game cracks, cheats, and mods.

The malicious software has been distributed through legitimate platforms like GitHub, SourceForge, and Google Sites, and disguised as game mods, especially for Roblox, and software cracks for applications such as Microsoft Visio.

Sometimes attackers go a step further, possibly using artificial intelligence tools, and create entire fake websites that look “quite professional,” said Kaspersky researcher Artem Ushkov.

A fake website pretending to offer Roblox scripts. Source: Kaspersky

Crypto wallets and extensions targeted

Ushkov noted that Stealka has a fairly “extensive arsenal of capabilities,” but is particularly dangerous because its prime target is data from browsers built on the Chromium and Gecko engines.

This puts over 100 different browsers at risk, including popular ones such as Chrome, Firefox, Opera, Yandex, Edge, Brave, and many others.

Its primary targets are autofill data, such as sign-in credentials, addresses, and payment card details, but it also targets the settings and databases of 115 browser extensions for crypto wallets, password managers, and 2FA (two-factor authentication) services.

Some of the 80 crypto wallets targeted include Binance, Coinbase, Crypto.com, SafePal, Trust Wallet, MetaMask, Ton, Phantom, Nexus, and Exodus.

Kaspersky also said that messaging apps, including Discord, Telegram, Unigram, Pidgin, and Tox, were at risk, as were email clients, password managers, gaming clients, and even VPN applications.

Avoid pirated software and game mods

To stay protected, Kaspersky recommended using reliable antivirus software and password managers to avoid storing passwords in browsers. It also cautioned against using pirated software and unofficial game mods.

Cloudflare reported last week that more than 5% of all emails sent worldwide contain malicious content, and more than half of those contained a phishing link, while a quarter of all HTML attachments were found to be malicious.

Related questions

Q: What is the name of the new infostealer malware discovered by Kaspersky and what does it target?

A: The new infostealer is called 'Stealka'. It primarily targets data from browsers built on Chromium and Gecko engines, including autofill data (sign-in credentials, addresses, payment card details), and the settings and databases of 115 browser extensions for crypto wallets, password managers, and 2FA services.

Q: How is the Stealka malware being distributed to potential victims?

A: The malware is distributed by disguising itself as video game cracks, cheats, and mods. It has been spread through legitimate platforms like GitHub, SourceForge, and Google Sites. Attackers sometimes create entire fake, professional-looking websites to host the malicious software.

Q: Which specific types of applications and services are at risk from the Stealka infostealer?

A: Over 100 different browsers (Chrome, Firefox, Opera, etc.), 80 crypto wallets (Binance, Coinbase, MetaMask, etc.), messaging apps (Discord, Telegram, etc.), email clients, password managers, gaming clients, and VPN applications are all at risk.

Q: What recommendations does Kaspersky provide to protect against this threat?

A: Kaspersky recommends using reliable antivirus software, using password managers instead of storing passwords in browsers, and avoiding the use of pirated software and unofficial game mods.

Q: Beyond game mods, what other type of software is commonly used as a disguise for this malware?

A: The malware is also disguised as software cracks for applications such as Microsoft Visio.
