Connect with us

Hi, what are you looking for?

Finance

Security Alert! New Malware targets more than 40 Crypto wallets to steal private keys

The Mars Stealer can be spread through various means, such as file-hosting websites, torrent clients, or any other shady means of downloading

New malware targeting crypto wallets with a grabber function that steals user private keys is attacking over 40 crypto wallets and popular two-factor authentication (2FA) extensions. According to a report from CoinTelegraph, the new cryptocurrency malware targets cryptocurrency wallets which work as browser extensions.

According to security researcher 3xp0rt, the new malware is dubbed Mars Stealer by its developers and is an upgrade from the info-stealing Oski trojan of 2019.

Mars Stealer written in ASM/C with using WinApi, weight is 95 kb. Uses special techniques to hide WinApi calls, encrypts strings, collects information in the memory, supports secured SSL-connection with C&C, doesn’t use CRT, STD

3xp0rt via his official blog post

MetaMask, Nifty Wallet, Coinbase Wallet, MEW CX, Ronin Wallet, Binance Chain Wallet and TronLink are just a few of the wallets that have been targeted. It is noted by the security expert that the malware can attack extensions that are installed on Chromium-based browsers except Opera. It is sad to note that some of the most popular browsers have made the list, such as Google Chrome, Microsoft Edge and Brave. As well as being safe from extensions-specific attacks, Firefox and Opera are also vulnerable to credentials-hijacking attacks.

The Mars Stealer can be spread through various means, such as file-hosting websites, torrent clients, or any other shady means of downloading. When malware infects a system, the first thing it does is check the language of the device. Should the language ID match that of Kazakhstan, Uzbekistan, Azerbaijan, Belarus or Russia, then the software leaves the system without causing any harm.

For the rest of the world, this malware targets a file that holds sensitive information such as the address of a crypto wallet and its private keys. Upon the theft being completed, the malware leaves the system by deleting any presence it has left.

As of right now, hackers are selling Mars Stealer for $140 on dark web forums, which means that for malicious actors the steps to gain access to the trojan are relatively simple. It is advised that users who handle their crypto assets in browser-based wallets or who use browser extensions such as Authy to manage their 2FA should exercise caution when clicking dubious links or downloading files.

Advertisement

You May Also Like

By 360

Thousands of MILLIONAIRES are made every single cycle! Will you be one of them?

By 360

Elon Musk’s announcement which resulted in MASS FOMO retail driven buying was an X FACTOR of this cycle.

Business

The central banks would design and define the monetary and governance rules for their digital currency by using Consensys' Quorum platform

Exclusive

Are you taking all necessary steps to keep your crypto assets safe?

Subscribe to our Free Trade of the Month Newsletter
Submit your name and email and receive access to 360 Elite Trifecta Trading Alerts free for one month worth $129!
Get a free trading signal every month!
Subscribe to our Free Trade of the Month Newsletter
Submit your name and email and receive access to 360 Elite Trifecta Trading Alerts free for one month worth $129!
Get a free trading signal every month!
polkadot
Polkadot (DOT) $ 9.45 1.26%
bitcoin
Bitcoin (BTC) $ 70,038.77 1.14%
ethereum
Ethereum (ETH) $ 3,545.55 1.31%
cardano
Cardano (ADA) $ 0.646487 0.87%
xrp
XRP (XRP) $ 0.62286 0.00%
stellar
Stellar (XLM) $ 0.142876 4.11%
litecoin
Litecoin (LTC) $ 100.98 5.28%