Cybersecurity firm Kaspersky has found a new type of infostealer malware called Stealka, which is being distributed through unofficial and pirated game mods, including for Roblox. The malware is able to access sensitive data from Windows-based browsers, apps, and cryptocurrency wallets, raising concerns for gamers who download mods from unofficial sources.
Stealka has been detected on platforms such as GitHub, SourceForge, Softpedia, and sites.google.com, often disguised as cheats, cracks, or other game modifications. Once installed, the malware can extract login credentials, browser data, and information from over 100 browser extensions. These extensions include popular cryptocurrency wallets like MetaMask, Binance, Coinbase, Crypto.com, and Trust Wallet, as well as password managers and two-factor authentication apps such as 1Password, NordPass, LastPass, Google Authenticator, Authy, and Bitwarden.
Impact on Cryptocurrency and Wallet Security
Beyond browsers and extensions, Stealka can access encrypted private keys, seed phrases, and wallet file paths from standalone cryptocurrency wallet applications. Affected wallets include those from Binance, Exodus, MyCrypto, MyMonero, and wallets for Bitcoin, Dogecoin, Ethereum, Monero, Novacoin, and Solar. This allows attackers to potentially gain control over digital assets stored in these wallets.
Kaspersky notes that the malware does not only target crypto assets. It is also capable of stealing authentication tokens and credentials for messaging platforms like Discord and Telegram, email clients including Outlook and Mailbird, note-taking applications such as NoteFly and Notezilla, and VPN clients like OpenVPN, ProtonVPN, and WindscribeVPN.
Geographic Reach and Detection
According to Kaspersky cybersecurity expert Artem Ushkov, Stealka was first detected in November 2025 on Windows devices. Most affected users are reportedly based in Russia, though infections have also been observed in Türkiye, Brazil, Germany, and India. While the malware’s ability to access crypto wallets is concerning, Kaspersky states that there is no confirmed evidence of significant theft, as all detected Stealka instances were blocked by their security solutions.
How Gamers Can Stay Safe
Kaspersky advises players to avoid downloading unofficial or pirated mods and to rely on reputable antivirus software. Users should avoid storing important credentials in browsers and use two-factor authentication where possible, keeping backup codes secure without saving them in browsers or text files. These steps can help reduce the risk of falling victim to infostealer malware like Stealka.
Frequently Asked Questions (FAQs)
What is Stealka malware?
Stealka is an infostealer malware that targets Windows devices, primarily distributed through pirated or unofficial game mods. It can access login credentials, browser data, and cryptocurrency wallets.
Which games are affected by Stealka?
So far, Stealka has been found in unofficial mods for Roblox and other Windows-based games. Users should be wary of downloading mods from unverified sources.
Can Stealka steal cryptocurrency?
Yes. The malware can access browser extensions and standalone wallets to retrieve private keys, seed phrases, and wallet file paths, potentially putting crypto assets at risk.
How widespread is Stealka?
Most infections have been reported in Russia, with additional cases detected in Türkiye, Brazil, Germany, and India.
How can players protect themselves?
Avoid pirated mods, use trusted antivirus software, enable two-factor authentication, and don’t store sensitive information in browsers or unsecured files.













