New Malware Targeting Over 40 Crypto Wallets Discovered In R...| MENAFN.COM

Friday, 01 July 2022 05:13 GMT

New Malware Targeting Over 40 Crypto Wallets Discovered In Recent Hacking Attack


(MENAFN- ValueWalk) WorldSpectrum / Pixabay

A new malware dubbed“Mars Stealer” was recently used in several hacking incidents leading to the theft of millions of dollars in cryptocurrency from digital wallets . The Mars Stealer is an upgrade to the Oski trojan which was widely used in malware attacks in 2019. The new malware targets over 40 browser-based digital wallet extensions like Coinbase Wallet, Metamask, and Binance Chain Wallet. Additionally, the malware has capabilities of targeting two-factor authentication (2FA) extensions with a grabber feature that takes the user's private keys.

Get The Full Walter Schloss Series in PDF

Get the entire 10-part series on Walter Schloss in PDF. Save it to your desktop, read it on your tablet, or email to your colleagues.

Q4 2021 hedge fund letters, conferences and more

Roubaix Capital – Directional L/S Equity Exposure with Market Neutral Risk

Roubaix Fund Composite performance update for the month ended January 31, 2022. Q4 2021 hedge fund letters, conferences and more The Roubaix Fund Composite is a fundamental long/short equity strategy focused on small and mid cap U.S. stocks. During January the Composite generated a net return of -3.71% relative to losses of -9.63% for the Read More

New Malware Targets Crypto Wallets

Security experts noted that digital wallets like Ronin Wallet, Nifty Wallet, MetaMask, Coinbase Wallet, Binance Chain Wallet, MEW CX, and TronLink are the main target for hackers using Mars Stealer. The malware targets Chromium-based browsers , which affects the most popularly used browser like Google Chrome, Brave, and Microsoft Edge. Opera and Firefox are less vulnerable but can still be affected by credential-hacking.

The following applications are also being targeted:

  • Internet Explorer
  • Kometa
  • Torch
  • Comodo Dragon
  • Elements Browser
  • CyberFox
  • Authenticator
  • Authy
  • Trezor Password Manager
  • TronLink
  • Yoroi
  • iWallet
  • Neoline
  • ICONex
  • OneKey
  • ZilPay
  • Bitcoin Core
  • Binance
  • MultiDoge

Hackers spread Mars Stealer through several different torrent clients, file-hosting websites, and other downloading systems. Once the system is infected, the malware searches for files with sensitive data like digital wallet addresses and private key info. Once the hacker completes the operation, the malware deletes its presence and activities from the system.

Mars Stealer accesses the following information:

  • IP and country
  • Working path to EXE file
  • Local time and time zone
  • Language system
  • Language keyboard layout
  • Notebook or desktop
  • Processor model
  • Computer name
  • User name
  • Domain computer name
  • Machine ID
  • GUID
  • Installed software and their versions
Accessing The Malware Program

The Mars Stealer is selling on the dark web for $140 for the basic application and $160 for the extended version. At such a low price, it is expected to attract many users to access the malware program. The high number of users will likely increase the number of attacks on unsuspecting cryptocurrency owners who own assets on the targeted wallets.

Updated on Feb 11, 2022, 2:16 pm

MENAFN11022022005205011743ID1103682676


Legal Disclaimer:
MENAFN provides the information “as is” without warranty of any kind. We do not accept any responsibility or liability for the accuracy, content, images, videos, licenses, completeness, legality, or reliability of the information contained in this article. If you have any complaints or copyright issues related to this article, kindly contact the provider above.