Video game mods are spreading new ‘Stealka’ crypto infostealer: Kaspersky

cointelegraph. Published 2025-12-22. Updated 2025-12-22.

Summary

A new malware called "Stealka" is targeting cryptocurrency wallets and browser extensions by disguising itself as video game cheats, mods, and software cracks, according to Kaspersky. The infostealer, discovered in November, is distributed through legitimate platforms like GitHub and Google Sites, and sometimes via fake professional-looking websites. It primarily targets Chromium and Gecko-based browsers—including Chrome, Firefox, and Edge—and steals autofill data, login credentials, and payment details. It also specifically targets 115 browser extensions related to crypto wallets, 2FA services, and password managers, including Binance, MetaMask, Trust Wallet, and Coinbase. Kaspersky advises using reliable antivirus software, avoiding pirated software and unofficial mods, and refraining from storing passwords in browsers.

New malware has been discovered that targets crypto wallets and browser extensions while disguising itself as game cheats and mods, says cybersecurity firm Kaspersky.

Kaspersky reported on Thursday that it had uncovered a new infostealer dubbed “Stealka,” which targets Microsoft Windows user data.

Attackers have used the malware, which was discovered in November, to hijack accounts, steal cryptocurrency, and install crypto miners on their victims’ computers while masquerading as video game cracks, cheats, and mods.

The malicious software has been distributed through legitimate platforms like GitHub, SourceForge, and Google Sites, and disguised as game mods, especially for Roblox, and software cracks for applications such as Microsoft Visio.

Sometimes attackers go a step further, possibly using artificial intelligence tools, and create entire fake websites that look “quite professional,” said Kaspersky researcher Artem Ushkov.

[Image: A fake website pretending to offer Roblox scripts. Source: Kaspersky]

Crypto wallets and extensions targeted

Ushkov noted that Stealka has a fairly “extensive arsenal of capabilities,” but is particularly dangerous because its prime target is data from browsers built on the Chromium and Gecko engines.

This puts over 100 different browsers at risk, including popular ones such as Chrome, Firefox, Opera, Yandex, Edge, Brave, and many others.

Its primary targets are autofill data, such as sign-in credentials, addresses, and payment card details, but it also targets the settings and databases of 115 browser extensions for crypto wallets, password managers, and 2FA (two-factor authentication) services.

Some of the 80 crypto wallets targeted include Binance, Coinbase, Crypto.com, SafePal, Trust Wallet, MetaMask, Ton, Phantom, Nexus, and Exodus.

Kaspersky also said that messaging apps, including Discord, Telegram, Unigram, Pidgin, and Tox, were at risk, as were email clients, password managers, gaming clients, and even VPN applications.

Avoid pirated software and game mods

To stay protected, Kaspersky recommended using reliable antivirus software and password managers to avoid storing passwords in browsers. It also cautioned against using pirated software and unofficial game mods.

Cloudflare reported last week that more than 5% of all emails sent worldwide contain malicious content, and more than half of those contained a phishing link, while a quarter of all HTML attachments were found to be malicious.

Related questions

Q: What is the name of the new infostealer malware discovered by Kaspersky and what does it target?

A: The new infostealer is called 'Stealka'. It primarily targets data from browsers built on Chromium and Gecko engines, including autofill data (sign-in credentials, addresses, payment card details), and the settings and databases of 115 browser extensions for crypto wallets, password managers, and 2FA services.

Q: How is the Stealka malware being distributed to potential victims?

A: The malware is distributed by disguising itself as video game cracks, cheats, and mods. It has been spread through legitimate platforms like GitHub, SourceForge, and Google Sites. Attackers sometimes create entire fake, professional-looking websites to host the malicious software.

Q: Which specific types of applications and services are at risk from the Stealka infostealer?

A: Over 100 different browsers (Chrome, Firefox, Opera, etc.), 80 crypto wallets (Binance, Coinbase, MetaMask, etc.), messaging apps (Discord, Telegram, etc.), email clients, password managers, gaming clients, and VPN applications are all at risk.

Q: What recommendations does Kaspersky provide to protect against this threat?

A: Kaspersky recommends using reliable antivirus software, using password managers instead of storing passwords in browsers, and avoiding the use of pirated software and unofficial game mods.

Q: Beyond game mods, what other type of software is commonly used as a disguise for this malware?

A: The malware is also disguised as software cracks for applications such as Microsoft Visio.
