Kaspersky Warns: Stealka Malware Stealing Crypto Keys from MetaMask, Coinbase, and 80+ Wallets

Stealka malware steals logins and crypto keys from 100+ browsers and 80+ wallets, including MetaMask, Coinbase, and Trust Wallet.

Kaspersky has warned users about a new malware threat called Stealka that targets cryptocurrency wallets and browser data.

The malware spreads through fake game cheats, mods, and pirated software that appear on trusted platforms. Once installed, Stealka steals sensitive information and can also install crypto miners on infected devices.

Stealka Malware Masquerades as Game Mods and Software Cracks

Security researchers have reported that malicious video game mods are being used to distribute the Stealka infostealer. The malware is aimed at cryptocurrency users and is hidden inside files presented as game cheats, mods, and cracked software.

These files often circulate on platforms that many users already trust.

Kaspersky researchers said users expose themselves by manually downloading and running these files. The malware does not spread automatically and depends on user action.

As a result, experts urge users to stay cautious and download software only from verified, official sources.

The attackers rely on familiar game titles and popular software names to attract downloads. Once installed, Stealka begins collecting sensitive data from the system.

Kaspersky continues to monitor the campaign and urges users to avoid unofficial game modifications.

Browsers and Crypto Wallet Extensions Are the Primary Targets

Stealka actively targets over 100 browsers and more than 80 cryptocurrency wallets. According to Kaspersky, the malware can extract saved logins, private keys, and seed phrases from wallet extensions such as MetaMask, Binance, Coinbase, Phantom, and Trust Wallet.

After collecting this data, attackers can gain full access to users’ crypto assets.

The malware focuses on browsers that are based on Chromium and Gecko engines. These include widely used browsers such as Chrome, Firefox, Edge, Brave, and Opera.

It collects data stored in autofill forms, cookies, and saved sessions. This may allow attackers to bypass login systems and access user accounts directly.

To stay protected, experts urge users to avoid pirated software and unofficial game modifications.

Kaspersky recommends downloading only from official sources, using up-to-date antivirus protection, and never storing recovery seed phrases or sensitive information in digital form or on unprotected devices.

Related Reading:  WhatsApp Malware Campaign Hits Brazilian Users Hard

Messaging Apps, VPNs, and Email Clients Compromised by Stealka

Stealka also steals data from locally installed applications. Messaging apps such as Discord and Telegram are affected. These apps store account data and authentication tokens that attackers can exploit.

Email clients including Outlook and Thunderbird are also targeted. Access to email accounts allows attackers to request password resets for other services. This increases the risk of wider account takeovers.

VPN clients and note-taking apps are not spared either. Stealka targets ProtonVPN, Surfshark, and Microsoft StickyNotes. Kaspersky advises users to avoid pirated software and unofficial mods.

The company also recommends reliable antivirus protection and secure password managers to reduce risk.

The post Kaspersky Warns: Stealka Malware Stealing Crypto Keys from MetaMask, Coinbase, and 80+ Wallets appeared first on Live Bitcoin News.