New Malware Targets MetaMask And 40 Other Crypto Wallets

By News Desk

A new type of malware is compromising MetaMask and at least 40 other software crypto wallets.

First analyzed by malware expert 3xp0rt, “Mars Stealer” appears to be an enhanced version of the Oski Stealer malware, which surfaced in late 2019. Just 95 KB in size, the malware is an information-stealing program that can steal data from any web browser, including popular crypto wallet extensions, before disappearing from the victim’s device.

It also has the ability to grab two-factor authentication (2FA) codes, which many crypto holders rely heavily on to protect their bags.

According to a report from BleepingComputer, Mars Stealer can “exfiltrate files from the infected system and relies on its own loader and wiper, which minimizes the infection footprint.”

So far, the malware is known to be a threat to Google Chrome, Brave Browser, Internet Explorer, Microsoft Edge, and at least 30 other internet browsers and applications. It is also known to circumvent Google Authenticator, Authy, Trezor Password Manager and multiple other 2FA apps.

TronLink, MetaMask, Binance Chain Wallet, Yoroi, Nifty Wallet, Math Wallet, Coinbase Wallet, Guarda, EQUAL Wallet, Jaxx Liberty, and many other crypto extensions are vulnerable to Mars Stealer. Crypto wallets like Bitcoin Core, Exodus, Binance and Coinomi are also susceptible.

Mars Stealer is currently available for $140 on Russian-speaking dark markets, making the barrier to entry relatively low.

According to 3xp0rt, the malware also allows attackers to retrieve the following information:

  • IP and country
  • Working path to EXE file
  • Local time and time zone
  • System language
  • Keyboard layout language
  • Notebook or desktop
  • Processor model
  • Computer name
  • User name
  • Domain computer name
  • Machine ID
  • GUID
  • Installed software and their versions

3xp0rt said:

“Mars Stealer it’s an improved version of Oski Stealer. Have been added anti-debug check, crypto extensions stealing, but outlook stealing is missing. The code has been refactoring, but some algorithms remained stupid as in Oski Stealer. Here you can read detailed Oski Stealer analysis from CyberArk.”
