New Malware Poses as Roblox Mods to Steal Crypto Credentials
Hackers are distributing a new infostealer malware called Stealka through pirated mods and unofficial downloads for Roblox and other Windows-based games. Stealka has been found on platforms like GitHub, SourceForge, and Softpedia, posing as cheats, mods, or cracks.

Once installed, it targets sensitive information stored in browsers (Chrome, Firefox, Edge, etc.) and over 100 browser extensions, including cryptocurrency wallets (e.g., Binance, MetaMask), password managers, and 2FA apps. It can also extract private keys and wallet data from standalone crypto apps, and steal information from messaging apps, email clients, note-taking apps, and VPN clients.

Stealka was first detected by Kaspersky in November 2023, primarily affecting users in Russia, but also observed in countries such as Türkiye, Brazil, Germany, and India. Kaspersky urges users to avoid pirated mods, use reputable antivirus software, enable two-factor authentication, and avoid storing sensitive data in browsers. No significant financial losses have been confirmed, and all detected Stealka samples were blocked by Kaspersky’s security solutions.

