fxfarmerashik Posted February 8, 2022 Share Posted February 8, 2022 Users have been warned against a new malware designed to steal crypto from browser extension wallets such as MetaMask and Coinbase Wallet. Security was never the strong suit of browser-based crypto wallets to store Bitcoin (BTC), Ether (ETH), and other cryptocurrencies. However, new malware makes the safety of online wallets even more complicated by directly targeting crypto wallets. P.S: Trade with a trusted Forex broker! That works as browser extensions such as MetaMask, Binance Chain Wallet, or Coinbase Wallet. Named Mars Stealer by its developers, the new malware is a powerful upgrade on the information-stealing Oski trojan of 2019, according to security researcher 3xp0rt. It targets more than 40 browser-based crypto wallets, along with popular two-factor authentication (2FA) extensions. Metaverse, Nifty Wallet, Coinbase Wallet, MEW CX, Ronin Wallet, Binance Chain Wallet, and TronLink are listed as some of the targeted wallets. The security expert notes that the malware can target extensions on Chromium-based browsers except Opera. Sadly, it means some of the most common browsers such as Google Chrome, Microsoft Edge and Brave made it to the list. Also, while they are safe from extension-specific attacks, Firefox and Opera are also vulnerable to credential-hijacking. Mars Stealer can be spread through various channels such as file-hosting websites, torrent clients, and any other shady downloaders. After infecting a system, the first thing the malware does is check the device language. If it matches the language ID of Kazakhstan, Uzbekistan, Azerbaijan, Belarus, or Russia, the software leaves the system without any malicious action. For the rest of the world, the malware targets a file that holds sensitive information such as crypto wallets’ address info and private keys. It then leaves the system by deleting any presence once the theft is complete. Hackers are currently selling Mars Stealer for $140 on dark web forums. Meaning the barrier to access the trojan is relatively low for malicious actors. Users who hold their crypto assets on browser-based wallets. Or use browser extensions like Authy to utilize 2FA are warned to be cautious against clicking dubious links or downloads. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now