New ‘Stealka’ Malware Threatens Gamers and Crypto Wallets via Fake Mods

A new and dangerous threat is targeting gamers online. Cybersecurity experts at Kaspersky have discovered a sophisticated infostealer called Stealka. This malware is cleverly disguised as popular game modifications (mods) for titles like Roblox and Grand Theft Auto V (GTA V). Its primary goal is to steal cryptocurrency wallet credentials and other sensitive information from unsuspecting players.

The Deceptive Spread of Stealka Malware

The threat uses deceptive tactics to spread across the internet. Attackers create fake, professional-looking websites and software repositories on platforms that users trust, such as GitHub, SourceForge, and Softpedia. These sites falsely advertise popular game mods or cheats. When a user downloads the file, they unknowingly install the Stealka malware on their computer. Some fake sites even falsely claim to scan for viruses to appear more legitimate.

What Stealka Malware Steals from Your Computer

Once installed, Stealka has a wide-ranging and dangerous capability. It doesn’t just target one or two things—it goes after a massive amount of data:
1. Cryptocurrency Assets: It specifically targets over 115 browser extensions for crypto wallets like MetaMask, Binance, Trust Wallet, and Phantom. It also extracts data from dozens of local wallet applications.
2. Browser & Account Access: The malware steals autofill data, saved passwords, cookies, and session tokens. This data lets attackers bypass two-factor authentication and take over your online accounts without needing your password.
3. Other Sensitive Data: Stealka also harvests information from messaging apps (Discord, Telegram), email clients, gaming launchers (Steam), and even captures screenshots.

Essential Steps for Protection and Safety

Protecting yourself from this threat requires caution. You should follow these key security steps recommended by experts:
1. Avoid Untrusted Downloads: Do not download game cheats, mods, or pirated software from unofficial or suspicious websites, regardless of how professional they look.
2. Use Strong Security Software: Ensure you have a reliable, up-to-date antivirus program installed on your computer.
3. Secure Your Credentials: Never store passwords, seed phrases, or private keys in your web browser’s built-in password manager or in unencrypted text files. Use a dedicated, encrypted password manager.
4. Be Skeptical: Enable two-factor authentication (2FA) for all important accounts, but be aware that advanced stealers can sometimes bypass it if they steal session cookies.