Security was never the strong suit of browser-based crypto wallets to store Bitcoin (BTC), Ether (ETH) and other cryptocurrencies. However, new malware makes the safety of online wallets even more complicated by directly targeting crypto wallets that work as browser extensions such as MetaMask, Binance Chain Wallet or Coinbase Wallet.

Named Mars Stealer by its developers, the new malware is a powerful upgrade on the information-stealing Oski trojan of 2019, according to security researcher 3xp0rt. It targets more than 40 browser-based crypto wallets, along with popular two-factor authentication (2FA) extensions, with a grabber function that steals users’ private keys.

MetaMask, Nifty Wallet, Coinbase Wallet, MEW CX, Ronin Wallet, Binance Chain Wallet and TronLink are listed as some of the targeted wallets. The security expert notes that the malware can target extensions on Chromium-based browsers except Opera. Sadly, it means some of the most common browsers such as Google Chrome, Microsoft Edge and Brave made it to the list. Also, while they are safe from extension-specific attacks, Firefox and Opera are also vulnerable to credential-hijacking.

Related: ‘Less sophisticated’ malware is stealing millions: Chainalysis

Mars Stealer can be spread through various channels such as file-hosting websites, torrent clients and any other shady downloaders. After infecting a system, the first thing the malware does is check the device language. If it matches the language ID of Kazakhstan, Uzbekistan, Azerbaijan, Belarus or Russia, the software leaves the system without any malicious…


Source link

Leave a Reply

Your email address will not be published. Required fields are marked *

Fill out this field
Fill out this field
Please enter a valid email address.