Crypto Theft Hides In Plain Sight Inside Popular Game Mods—Kaspersky

bitcoinistPublicado em 2025-12-23Última atualização em 2025-12-23

Resumo

Kaspersky warns of a new infostealer malware called "Stealka" distributed through fake video game mods and cracked software, primarily targeting Windows users. Disguised as cheats or utility cracks for popular titles like Roblox or Microsoft Visio, the malware is hosted on platforms like GitHub and Google Sites to appear legitimate. Once executed, Stealka steals browser data, saved passwords, and cryptocurrency wallet information—targeting over 115 browser extensions including MetaMask, Binance Wallet, and Coinbase. It collects private keys, seed phrases, and autofill data, enabling account takeovers and further malicious spread. Detected initially in Russia, Turkey, Brazil, Germany, and India, the malware is sometimes bundled with cryptomining code. Users are advised to avoid unofficial software, use antivirus tools, enable two-factor authentication, and verify file checksums before installation.

Kaspersky has warned that a new infostealer called “Stealka” is being spread through bogus video game mods and cracked software, putting crypto users and gamers at risk.

The malware was identified in November 2025 and is delivered as what looks like harmless game add-ons or utility cracks. Systems running Windows are the main target.

Attackers Hide Malware In Mods

Reports have disclosed that Stealka is disguised as cheats, mods and cracks for popular titles, with fake packages posted to places users normally trust. Files have been seen on GitHub, SourceForge, Softpedia and Google Sites, which helps the downloads look legitimate.

In some cases, the malware was packaged as a Roblox mod or as a cracked copy of Microsoft Visio. According to Kaspersky, the campaign uses convincing websites and may employ automated tools to create professional pages that trick people into clicking download links.

Data And Wallets Targeted

Once run, Stealka searches for browser data, saved passwords and crypto wallet information. Based on reports, it targets more than 115 browser extensions tied to wallets, password managers and two-factor apps.

Extensions for MetaMask, Binance Wallet, Coinbase and other popular wallets are among those at risk. Private keys, seed phrases and wallet file paths can be exposed on an infected machine, and stored browser cards and autofill entries are also collected.

Total crypto market cap currently at $3.01 trillion. Chart: TradingView

Victims’ accounts can be taken over using the stolen credentials, and that access can then be used to push further malicious links to friends or followers.

How The Threat Spreads And Where It’s Seen

Kaspersky’s telemetry shows initial detections in Russia, with additional cases reported in Turkey, Brazil, Germany and India.

Distribution methods vary. Sometimes a single download bundle carries Stealka; other times it is paired with cryptominer code so infected computers also mine cryptocurrency for the attackers.

Files hosted on trusted developer portals make it harder for users to spot danger, and the malware’s wide reach means standard precautions can still be bypassed if users ignore basic safety steps.

Recommendations For Users

According to cybersecurity advisories, avoid unofficial or pirated software and only download mods from verified, trusted creators. Use a reputable antivirus product and keep it updated.

Password managers are recommended over saving credentials in browsers, and two-factor authentication should be enabled for crypto accounts when available.

Keep Windows and applications patched, and check that a downloaded file’s checksum or digital signature matches the developer’s published value before running installers.

Featured image from Kaspersky, chart from TradingView

Perguntas relacionadas

QWhat is the name of the new infostealer malware being spread through fake game mods and cracked software?

AThe new infostealer malware is called 'Stealka'.

QWhich operating systems are the primary target of the Stealka malware?

ASystems running Windows are the main target of the Stealka malware.

QWhat types of sensitive information does the Stealka malware steal from infected computers?

AStealka steals browser data, saved passwords, crypto wallet information, private keys, seed phrases, wallet file paths, stored browser cards, and autofill entries.

QName at least two trusted online platforms where the fake packages containing the malware were found.

AFake packages containing the malware were found on GitHub, SourceForge, Softpedia, and Google Sites.

QWhat are two key security recommendations provided to protect against this threat?

ATwo key recommendations are to avoid unofficial or pirated software and to use a reputable, updated antivirus product. Additionally, using password managers and enabling two-factor authentication for crypto accounts is advised.

Leituras Relacionadas

How to Do Research Well: Deliberately Practice the Real Skills That Matter

No one truly teaches you how to do research. You're often given a desk, a pre-selected problem, and vague instructions to "create something new." Consequently, many people reverse-engineer the job based on visible outputs—papers, posts, announcements—learning only how to *appear* like a researcher rather than how to *become* one. True research capability is built from stacking small, trainable skills, nearly all of which can be developed through deliberate practice. **Pick Your Own Problem:** Most researchers absorb problems from advisors or trends, lacking the underlying reasoning. Choosing a problem you genuinely care about, as John Schulman advises, leads to original work. Develop "taste" like a muscle: predict experiment outcomes, guess paper results from methods, and track which findings remain important over time. **Upgrade Your Inputs:** Relying on shared reading lists (arXiv hot lists, filtered group chats) leads to unoriginal conclusions. Undervalued old literature often holds crucial insights (e.g., MoE, LSTM, backpropagation). Richard Sutton's "The Bitter Lesson" or Claude Shannon's 1952 talk on creative thinking are more predictive than lengthy modern surveys. Breadth matters as much as depth: draw from neuroscience, mechanism design, hardware knowledge, and honest statistics. Read papers directly, especially appendices and limitations sections. **Write Everything Down:** As Paul Graham noted, writing exposes flaws in seemingly mature ideas. Writing is the cheapest defense against self-deception. Following Feynman's principle, Darwin programmatically wrote down facts contradicting his theory to combat memory bias. Maintain a detailed log of hypotheses, setups, predictions, results, and updated understandings. Reviewing past logs fosters essential humility.

marsbitHá 1h

How to Do Research Well: Deliberately Practice the Real Skills That Matter

marsbitHá 1h

Backpack Surges Over 150% in Half a Month

BP, the token of the Backpack exchange, has surged over 150% since early June, driven by the platform's expansion into regulated US stock brokerage and asset tokenization services. On June 2nd, Backpack announced Backpack Securities, offering traditional stock trading and tokenization, causing BP's price to jump over 80%. Momentum continued on June 12th with the launch of SPCX, a tokenized product for SpaceX stock on Solana, facilitating seamless conversion between traditional securities and on-chain assets. This aligns with the RWA (Real World Assets) narrative, creating a bridge between traditional finance and Solana DeFi. The token's unique economics also support its growth. All 2.5 billion initially circulating tokens were airdropped to the community, with zero allocation to the team or investors at launch. A key feature allows users who stake BP for at least one year to gain the right to convert tokens into company equity upon an IPO or acquisition. Despite some initial community controversy over airdrop distribution, focus is shifting to BP's long-term utility and value alignment as real products launch.

marsbitHá 1h

Backpack Surges Over 150% in Half a Month

marsbitHá 1h

Following US Ban on Fable 5, Zhipu AI's Stock Soars 47%

On June 15th, shares of Zhipu AI surged dramatically on the Hong Kong stock market, peaking at a 47.6% gain before closing 32.82% higher. This sharp increase was directly triggered by two recent industry events. On June 12th, Anthropic announced it was suspending global access to its latest flagship models, Claude Fable 5 and Claude Mythos 5, to comply with a U.S. government export control order. The next day, Zhipu AI announced it would open access to its latest open-source flagship model, GLM-5.2, under the permissive MIT license. The Anthropic incident highlighted a critical issue beyond raw model capability: the risk of sudden, unpredictable loss of access to advanced AI models, especially for developers and enterprises deeply integrated with them. This has shifted industry and market focus toward factors like stability, sustainable access, and controllability. Zhipu's move, promoting "frontier intelligence for all," positions its openly available model as a reliable and accessible alternative. The GLM-5.2 model emphasizes "Long Horizon Task" capabilities with a 1M context window, targeting complex, multi-step coding and engineering workflows where maintaining context is crucial. Analysts note this event exposes the risk of dependency on closed-source models subject to single jurisdictional controls, potentially accelerating a shift toward domestic base models and localized deployments. The market's reaction signals a new valuation dimension in AI: providers who can offer stable, long-term, and sustainably accessible AI capabilities are gaining strategic importance.

marsbitHá 1h

Following US Ban on Fable 5, Zhipu AI's Stock Soars 47%

marsbitHá 1h

Fully Entering the AI Era: Alipay Bets on Conversation, WeChat Holds Fast to Social

In May 2026, Alipay announced over 300 million AI payment transactions. Shortly after, WeChat opened its mini-programs for AI integration, sparking controversy by requiring developer source code access. This highlights their diverging approaches to AI integration. Alipay is testing "Project Treasure," an optional AI-native interface replacing traditional app grids with a conversational window. Users can command complex tasks (e.g., "book a ride and order coffee") handled end-to-end by AI. This shift follows an abandoned standalone AI app, focusing instead on enhancing its existing user base. For unmodified mini-programs, Alipay's AI uses "screen-reading" to simulate user interactions, bypassing the need for developer overhaul. It also introduced "Token Pay" for micro-transactions and "AI Wallets" for autonomous agent spending. WeChat, prioritizing its core social function, is taking an embedded approach. Its AI agent will operate within existing contexts like group chats and official accounts, assisting without a separate interface. To enable this, WeChat offers developers two paths: granting source code access for direct AI control ("Automatic Mode") or manually encapsulating services into standardized "Skills." Both place significant burden on developers. Key differences emerge in handling legacy services: WeChat demands developer cooperation (code or labor), while Alipay's screen-reading offers immediate, if potentially less stable, compatibility. Alipay's 3 billion AI transactions demonstrate user acceptance of AI-driven commercial actions. The divergent strategies may reshape mini-program ecosystems—Alipay passively "AI-fying" services, WeChat potentially favoring resource-rich developers—and set competing technical standards. Ultimately, the competition centers on where users entrust the command to "help me get things done."

marsbitHá 1h

Fully Entering the AI Era: Alipay Bets on Conversation, WeChat Holds Fast to Social

marsbitHá 1h

Supply Chain, Energy, and Bloc Formation: Untangling the Core Threads of 2026 AI Investment

The core thesis for 2026 investment is a shift from traditional growth-inflation analysis towards a geopolitical framework of strategic blocs, supply chain reconfiguration, and capital expenditure (capex) direction. The US is moving from a global guarantor role towards a more bounded "camp system," reshaping trade, security, and technology flows. Key investment themes emerge from this realignment: production-capable US-aligned economies (e.g., Japan, South Korea), regional security focusing on Latin America, and the hard constraint of energy/grid capacity enabling reshoring. Europe's strength lies not in macro growth but in its high-quality "pick-and-shovel" industrial, electrical, and automation exporters serving the global capex cycle. AI remains the central US-China strategic battleground, driving massive investment in compute, power, and manufacturing stacks, with robotics gaining prominence. The investment implication is a rotation away from crowded US mega-cap tech momentum toward global beneficiaries of this restructuring: electrification equipment, industrial automation, energy storage, grid infrastructure, and select non-US markets. 2026 will be defined by investment intensity driven by geopolitical repositioning, not near-term commercial maturity.

marsbitHá 2h

Supply Chain, Energy, and Bloc Formation: Untangling the Core Threads of 2026 AI Investment

marsbitHá 2h

Trading

Spot
Futuros

Artigos em Destaque

O que é ATWO

I. Introdução ao ProjetoArena Two é uma plataforma interativa descentralizada que permite aos fãs desempenhar um papel ativo e tokenizado nos resultados de eventos em tempo real. Ao contrário dos modelos tradicionais de transmissão que reduzem os fãs a espectadores passivos, a Arena Two utiliza a tecnologia blockchain para permitir que os fãs votem diretamente em tempo real e influenciem os resultados em campo.II. Informação sobre o TokenNome do token: ATWO(Arena Two)III. Links RelacionadosWebsite:https://arenatwo.com/Exploradores:https://basescan.org/token/0x499D35eBE6cEe9B2Ac35Fd003fcBbeeB9CFc7B32Twitter:https://x.com/arenatwoXNota: A introdução ao projeto provém dos materiais publicados ou fornecidos pela equipa oficial do projeto, que é apenas para referência e não constitui aconselhamento de investimento. A HTX não se responsabiliza por quaisquer perdas diretas ou indiretas resultantes.

258 Visualizações TotaisPublicado em {updateTime}Atualizado em 2026.06.02

O que é ATWO

Como comprar ATWO

Bem-vindo à HTX.com!Tornámos a compra de Arena Two (ATWO) simples e conveniente.Segue o nosso guia passo a passo para iniciar a tua jornada no mundo das criptos.Passo 1: cria a tua conta HTXUtiliza o teu e-mail ou número de telefone para te inscreveres numa conta gratuita na HTX.Desfruta de um processo de inscrição sem complicações e desbloqueia todas as funcionalidades.Obter a minha contaPasso 2: vai para Comprar Cripto e escolhe o teu método de pagamentoCartão de crédito/débito: usa o teu visa ou mastercard para comprar Arena Two (ATWO) instantaneamente.Saldo: usa os fundos da tua conta HTX para transacionar sem problemas.Terceiros: adicionamos métodos de pagamento populares, como Google Pay e Apple Pay, para aumentar a conveniência.P2P: transaciona diretamente com outros utilizadores na HTX.Mercado de balcão (OTC): oferecemos serviços personalizados e taxas de câmbio competitivas para os traders.Passo 3: armazena teu Arena Two (ATWO)Depois de comprar o teu Arena Two (ATWO), armazena-o na tua conta HTX.Alternativamente, podes enviá-lo para outro lugar através de transferência blockchain ou usá-lo para transacionar outras criptomoedas.Passo 4: transaciona Arena Two (ATWO)Transaciona facilmente Arena Two (ATWO) no mercado à vista da HTX.Acede simplesmente à tua conta, seleciona o teu par de trading, executa as tuas transações e monitoriza em tempo real.Oferecemos uma experiência de fácil utilização tanto para principiantes como para traders experientes.

141 Visualizações TotaisPublicado em {updateTime}Atualizado em 2026.06.02

Como comprar ATWO

O que é ZEST

I. Introdução ao Projeto1. O que é o Zest Protocol?O Zest Protocol é um protocolo de empréstimos nativo do Bitcoin construído na camada 2 do Stacks que permite aos utilizadores ganhar rendimento com BTC ou emprestar ativos colateralizando BTC. Os contratos inteligentes do protocolo são escritos na linguagem Clarity, operam totalmente em cadeia e são de código aberto, com um design inspirado no Aave v3. O Zest é atualmente o maior protocolo DeFi no Stacks, com mais de 800 BTC depositados e um pico de TVL superior a 100 milhões de dólares. Em maio de 2026, o protocolo introduziu ainda os Cofres de Colateral em Bitcoin, estendendo as capacidades de empréstimo do Stacks para a rede principal do Bitcoin. Isso permite que os utilizadores emprestem stablecoins sem mover BTC da rede Bitcoin, possibilitando empréstimos com custódia própria.2. Como funciona o Zest Protocol?O Zest Protocol consiste em dois mercados. O mercado do Stacks é construído sobre o Aave v3, permitindo que os utilizadores depositem ativos como sBTC, STX e USDC para ganhar rendimento ou contrair empréstimos sobre-colateralizados. O LTV máximo padrão é de 50% (70% para sBTC). O mercado do Bitcoin opera através dos recém-lançados Cofres de Colateral em Bitcoin. Os utilizadores emprestam stablecoins ao bloquear BTC em cofres de custódia própria na cadeia do Bitcoin. O colateral permanece na rede principal do Bitcoin durante todo o processo, e os utilizadores mantêm a custódia, a menos que a posição seja liquidada.3. Quem fundou o Zest Protocol?Tycho Onnasch (Co-Fundador): Formado na Universidade de Oxford. Envolvido em pesquisa e subsídios para a Stacks Open Internet Foundation. Antigo Gestor na Trust Machines e Fundador da Deedmob. Perfil do LinkedIn: https://www.linkedin.com/in/tychokoonnasch/.Fernando Foy (Co-Fundador): Trabalhou anteriormente em consultoria de TI na Objectif Emploi. Perfil do LinkedIn: https://www.linkedin.com/in/fernando-foy/.Emil E. (Co-Fundador): Possui um Mestrado em Física pela Universidade de Warwick. Antigo Partner de Engenharia na Trust Machines, Desenvolvedor Full-Stack para projetos Web3 e Cientista de Dados no HSBC. Perfil do LinkedIn: https://www.linkedin.com/in/emil-e-49771a145/.Detalhes de Financiamento: Em maio de 2024, o Zest Protocol anunciou a conclusão de uma ronda de financiamento inicial de 3,5 milhões de dólares liderada por Tim Draper, com a participação da Binance Labs, Flow Traders, Trust Machines, entre outros.4. Tokenomics do $ZEST$ZEST é o token nativo do Zest Protocol com um fornecimento total fixo de 1 mil milhões de tokens e sem mecanismo inflacionário.Comunidade (27,83%): Usado para airdrops e incentivos aos utilizadores;Desenvolvimento do Ecossistema (24,82%): Usado para liquidez, parcerias, marketing, listagens em bolsas, etc.;Investidores (22,35%): Apoio às partes investidoras que apoiaram o desenvolvimento inicial do Zest Protocol;Equipa (25%): Alocado para colaboradores principais.Calendário de Vesting: Os tokens da Equipa e dos Investidores estão sujeitos a um período de bloqueio de 1 ano, seguido de 3 anos de desbloqueio linear.5. Cronologia dos Principais Marcos2022: O Zest Protocol é oficialmente fundado.Março de 2024: Concluída a auditoria de segurança e lançado o mercado de empréstimos do Stacks na rede principal.Em fevereiro de 2026, é lançado o Stacks Market V2, introduzindo Grupos de Risco.Em maio de 2026, foram introduzidos os Cofres de Colateral em Bitcoin, e um protótipo operacional da rede principal está agora disponível. Isso permite que os utilizadores utilizem BTC com custódia própria na L1 do Bitcoin como colateral para emprestar stablecoins em cadeias EVM, encerrando a necessidade de bridging, wrapping e custódia de terceiros. Este lançamento é dividido em duas fases. Fase 1: Utiliza transações pré-assinadas para restringir o movimento de BTC; Fase 2: Utiliza BitVM para verificação. II. Informações sobre o TokenNome do token: ZEST (Zest Protocol)III. Links RelacionadosWebsite: https://www.zestprotocol.com/Exploradores: https://bscscan.com/token/0x5506599c722389a60580b5213ea1da60d64754a1Twitter: https://twitter.com/ZestProtocolNota: A introdução ao projeto provém dos materiais publicados ou fornecidos pela equipa oficial do projeto, que é apenas para referência e não constitui aconselhamento de investimento. A HTX não se responsabiliza por quaisquer perdas diretas ou indiretas resultantes.

203 Visualizações TotaisPublicado em {updateTime}Atualizado em 2026.06.02

O que é ZEST

Discussões

Bem-vindo à Comunidade HTX. Aqui, pode manter-se informado sobre os mais recentes desenvolvimentos da plataforma e obter acesso a análises profissionais de mercado. As opiniões dos utilizadores sobre o preço de A (A) são apresentadas abaixo.

活动图片

Categorias popularesright-arrow

Etiquetas Popularesright-arrow