Security researchers 3xp0rt reveal that they have discoveredmThe new malware is called Mars Stealer, which is an upgrade from the Oski trojan stealing 2019 targeting Crypto wallets on 40+ browsers, including the popular 2FA extension. Function that can steal user’s private key
MetaMask, Nifty Wallet, Coinbase Wallet, MEW CX, Ronin Wallet, Binance Chain Wallet and TronLink were identified as some of the wallets that were targeted. Security experts noted that Malware can target extensions on Chromium-based browsers, with the exception of Opera, meaning common browsers such as Google Chrome, Microsoft Edge, and Brave are also on this list. Opera is safe from extension attacks, but Firefox and Opera are also vulnerable to identity theft.
Mars Stealer can spread through various channels such as file hosting sites, torrent clients, and other questionable download programs. The first thing it does is check the language of the device, if it matches the language ID of Kazakhstan, Uzbekistan, Azerbaijan, Belarus, or Russia, the software will log off without malicious operations.
But for the rest of the world, this malware targets files that contain sensitive information such as crypto wallet address information and private keys, and then logs out of the system by deleting its presence. any When the theft is finished
The hackers are selling Mars Stealer for $140 on the Dark Web, which means that the barriers to accessing the trojan are pretty low for the perpetrators. Users who hold their crypto assets in browser based wallets or use browser extensions such as Authy to implement 2FA are warned to be wary of clicking on suspicious links or downloads.
The post found new malware. Aimed at MetaMask and 40 other Crypto wallets, it appeared first on Bitcoin Addict.