Video game mods are spreading new ‘Stealka’ crypto infostealer: Kaspersky

cointelegraph | Published 2025-12-22 | Last published 2025-12-22

Introduction

A new malware called "Stealka" is targeting cryptocurrency wallets and browser extensions by disguising itself as video game cheats, mods, and software cracks, according to Kaspersky. The infostealer, discovered in November, is distributed through legitimate platforms like GitHub and Google Sites, and sometimes via fake professional-looking websites. It primarily targets Chromium and Gecko-based browsers—including Chrome, Firefox, and Edge—and steals autofill data, login credentials, and payment details. It also specifically targets 115 browser extensions related to crypto wallets, 2FA services, and password managers, including Binance, MetaMask, Trust Wallet, and Coinbase. Kaspersky advises using reliable antivirus software, avoiding pirated software and unofficial mods, and refraining from storing passwords in browsers.

New malware has been discovered that targets crypto wallets and browser extensions while disguising itself as game cheats and mods, says cybersecurity firm Kaspersky.

Kaspersky reported on Thursday that it had uncovered a new infostealer dubbed “Stealka,” which targets Microsoft Windows user data.

Attackers have used the malware, which was discovered in November, to hijack accounts, steal cryptocurrency, and install crypto miners on their victims’ computers while masquerading as video game cracks, cheats, and mods.

The malicious software has been distributed through legitimate platforms like GitHub, SourceForge, and Google Sites, and disguised as game mods, especially for Roblox, and software cracks for applications such as Microsoft Visio.

Sometimes, attackers go a step further, possibly using artificial intelligence tools, and creating entire fake websites that look “quite professional,” said Kaspersky researcher Artem Ushkov.

A fake website pretending to offer Roblox scripts, Source: Kaspersky

Crypto wallets and extensions targeted

Ushkov noted that Stealka has a fairly “extensive arsenal of capabilities,” but is particularly dangerous because its prime target is data from browsers built on the Chromium and Gecko engines.

This puts over 100 different browsers at risk, including popular ones such as Chrome, Firefox, Opera, Yandex, Edge, Brave, and many others.


Its primary targets are autofill data, such as sign-in credentials, addresses, and payment card details, but it also targets the settings and databases of 115 browser extensions for crypto wallets, password managers, and 2FA (two-factor authentication) services.

Some of the 80 crypto wallets targeted include Binance, Coinbase, Crypto.com, SafePal, Trust Wallet, MetaMask, Ton, Phantom, Nexus, and Exodus.

Kaspersky also said that messaging apps, including Discord, Telegram, Unigram, Pidgin, and Tox, were at risk, as were email clients, password managers, gaming clients, and even VPN applications.

Avoid pirated software and game mods

To stay protected, Kaspersky recommended using reliable antivirus software and using password managers rather than storing passwords in browsers. It also cautioned against using pirated software and unofficial game mods.
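As an added example (not from Kaspersky or the original article), the Python audit below checks the "avoid storing passwords in browsers" advice by counting, without reading any secret, how many logins a browser profile still holds. It assumes the standard store names (`Login Data` with a `logins` table for Chromium-based browsers, `logins.json` for Gecko-based ones); the function names and the sample profiles are constructed for illustration.

```python
import json
import shutil
import sqlite3
import tempfile
from pathlib import Path

def count_chromium_logins(profile: Path) -> int:
    """Count saved logins in a Chromium-style profile without reading any secret."""
    db = profile / "Login Data"          # assumed standard Chromium file name
    if not db.is_file():
        return 0
    with tempfile.TemporaryDirectory() as tmp:
        copy = Path(tmp) / "login_data_copy"
        shutil.copy2(db, copy)           # a running browser locks the live file
        con = sqlite3.connect(copy)
        try:
            return con.execute("SELECT COUNT(*) FROM logins").fetchone()[0]
        except sqlite3.DatabaseError:
            return 0                     # unreadable file or unexpected schema
        finally:
            con.close()

def count_firefox_logins(profile: Path) -> int:
    """Count saved logins in a Gecko-style profile (logins.json, key 'logins')."""
    store = profile / "logins.json"
    try:
        return len(json.loads(store.read_text(encoding="utf-8")).get("logins", []))
    except (OSError, ValueError, AttributeError):
        return 0

def audit(profiles) -> dict:
    """Map each profile path that still holds browser-saved logins to its count."""
    counts = {str(p): count_chromium_logins(Path(p)) + count_firefox_logins(Path(p))
              for p in profiles}
    return {path: n for path, n in counts.items() if n}

def build_sample_profiles(root: Path) -> list:
    """Constructed sample data: Chromium-style, Gecko-style and empty profiles."""
    chromium, gecko, clean = (root / n for n in ("chromium", "gecko", "clean"))
    for d in (chromium, gecko, clean):
        d.mkdir(parents=True)
    con = sqlite3.connect(chromium / "Login Data")
    con.execute("CREATE TABLE logins (origin_url TEXT, username_value TEXT)")
    con.executemany("INSERT INTO logins VALUES (?, ?)",
                    [("https://example.test", "alice"), ("https://shop.example.test", "alice")])
    con.commit(); con.close()
    (gecko / "logins.json").write_text(json.dumps({"logins": [{"hostname": "https://example.test"}]}))
    return [chromium, gecko, clean]

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        print(audit(build_sample_profiles(Path(tmp))))
```

A non-empty result lists the profiles whose saved logins should be moved into a dedicated password manager and then cleared from the browser.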

Cloudflare reported last week that more than 5% of all emails sent worldwide contain malicious content, and more than half of those contained a phishing link, while a quarter of all HTML attachments were found to be malicious.


Related questions

Q: What is the name of the new infostealer malware discovered by Kaspersky and what does it target?

A: The new infostealer is called 'Stealka'. It primarily targets data from browsers built on Chromium and Gecko engines, including autofill data (sign-in credentials, addresses, payment card details), and the settings and databases of 115 browser extensions for crypto wallets, password managers, and 2FA services.

Q: How is the Stealka malware being distributed to potential victims?

A: The malware is distributed by disguising itself as video game cracks, cheats, and mods. It has been spread through legitimate platforms like GitHub, SourceForge, and Google Sites. Attackers sometimes create entire fake, professional-looking websites to host the malicious software.

Q: Which specific types of applications and services are at risk from the Stealka infostealer?

A: Over 100 different browsers (Chrome, Firefox, Opera, etc.), 80 crypto wallets (Binance, Coinbase, MetaMask, etc.), messaging apps (Discord, Telegram, etc.), email clients, password managers, gaming clients, and VPN applications are all at risk.

Q: What recommendations does Kaspersky provide to protect against this threat?

A: Kaspersky recommends using reliable antivirus software, using password managers instead of storing passwords in browsers, and avoiding the use of pirated software and unofficial game mods.

Q: Beyond game mods, what other type of software is commonly used as a disguise for this malware?

A: The malware is also disguised as software cracks for applications such as Microsoft Visio.
