BusinessPostCorner.com
No Result
View All Result
Thursday, July 16, 2026
  • Home
  • Business
  • Finance
  • Accounting
  • Tax
  • Management
  • Marketing
  • Crypto News
  • Human Resources
BusinessPostCorner.com
  • Home
  • Business
  • Finance
  • Accounting
  • Tax
  • Management
  • Marketing
  • Crypto News
  • Human Resources
No Result
View All Result
BusinessPostCorner.com
No Result
View All Result

Fake Roblox Mods Put Gamers at Risk: Crypto-Stealing Malware

December 23, 2025
in Crypto News
Reading Time: 5 mins read
A A
0
Fake Roblox Mods Put Gamers at Risk: Crypto-Stealing Malware
ShareShareShareShareShare

Crypto Journalist

Anas Hassan

Crypto Journalist

Anas HassanVerified

Part of the Team Since

Jun 2025

About Author

Anas is a crypto native journalist and SEO writer with over five years of writing experience covering blockchain, crypto, DeFi, and emerging tech.

Share

Last updated: 

December 23, 2025

Fake Roblox Mods Put Gamers at Risk: Crypto-Stealing Malware

Kaspersky researchers have uncovered Stealka, a sophisticated infostealer masquerading as game mods and pirated software that targets crypto wallets and browser credentials across over 115 extensions.

The malware spreads through trusted platforms, including GitHub, SourceForge, and Softpedia, where attackers create professional-looking fake websites and repositories to distribute the threat under the guise of popular game cheats for titles like Roblox and GTA V.

Attackers exploited the website. | Source: Kaspersky

The discovery marks the latest escalation in a broader pattern of gaming-focused malware campaigns, as cybercriminals increasingly exploit the trust gamers place in modding communities.

Attackers leverage popular search terms and authentic-looking download pages to lure victims, with some sites falsely claiming that virus scans are conducted before downloads, even though no such verification occurs.

The malicious files appear deliberately deceptive; one fake site advertised Half-Life 3 while describing it as “professional software solution designed for Windows,” using popular gaming titles merely as bait to maximize search engine visibility.

Source: Kaspersky

Extensive Arsenal Targets Crypto Wallets

According to the security firm, Stealka’s capabilities extend far beyond basic credential theft, targeting data from browsers built on Chromium and Gecko engines, putting over 100 applications, including Chrome, Firefox, Opera, and Edge, at immediate risk.

The malware extracts autofill data, session tokens, and cookies that allow attackers to bypass two-factor authentication and hijack accounts without passwords, while simultaneously targeting 115 browser extensions for crypto wallets, password managers, and authentication services.

High-value targets include crypto wallets such as Binance, Coinbase, MetaMask, Trust Wallet, and Phantom, as well as password managers such as 1Password, Bitwarden, LastPass, and NordPass.

The stealer downloads local configurations from 80 wallet applications, encompassing Bitcoin, Ethereum, Exodus, Monero, and Dogecoin, that may contain encrypted private keys and seed phrase data sufficient to compromise holdings.

Beyond crypto assets, Stealka infiltrates messaging apps like Discord and Telegram, email clients including Outlook and Thunderbird, gaming platforms such as Steam and Roblox launchers, VPN clients like ProtonVPN and Surfshark, and note-taking apps where users often improperly store sensitive information.

The malware additionally harvests system data, installed program lists, hardware specifications, and captures screenshots to maximize intelligence gathering.

Attackers have used compromised accounts to spread the malware further, with Kaspersky discovering the stealer in a GTA V mod posted by a previously hijacked account on a dedicated modding site.

Industry Faces Mounting Security Crisis

The Stealka campaign emerges amid catastrophic industry-wide security failures, as crypto platforms have lost $9.1 billion in 2025 alone, which is 10% of the $90 billion stolen over the past 15 years.

In November, losses exceeded $276 million, pushing the annual total past historical records.

“Crypto is facing a security reckoning,” said Mitchell Amador, CEO of Immunefi, a crowdsourced security platform protecting $180 billion in assets.

“Most hacks this year haven’t occurred due to poor audits—they’ve happened after launch, during protocol upgrades, or through integration vulnerabilities.“

Amador emphasized that 99% of Web3 projects operate without basic firewalls while fewer than 10% deploy modern AI security tools, calling the sector’s approach “willful negligence.“

The human element has become the primary attack surface, with threat actors shifting from code vulnerabilities to operational security breaches as smart contracts become harder to exploit.

“The threat landscape is shifting from on-chain code vulnerabilities to operational security and treasury-level attacks,” Amador explained. “As code hardens, attackers target the human element.”

Kaspersky’s broader research reveals a sustained malware ecosystem, having previously documented the GitVenom campaign involving hundreds of fake GitHub repositories, SparkKitty mobile malware that infiltrated Apple’s App Store and Google Play to steal seed phrase screenshots via OCR, and ClipBanker trojans hidden in fake Microsoft Office downloads.

North Korean threat groups have also escalated tactics by weaponizing blockchain technology itself, embedding malware payloads in smart contracts on the BNB Smart Chain and Ethereum, creating a decentralized command-and-control infrastructure that law enforcement cannot shut down.

For now, Kaspersky recommends users to do the following:

  • Deploy reliable antivirus software.
  • Avoid storing sensitive credentials in browsers.
  • Exercise extreme caution with game cheats and pirated software.
  • Enable two-factor authentication with backup codes stored in encrypted password managers rather than text files.
  • Refrain from downloading software from untrusted sources despite the convenience they may offer.


Credit: Source link

ShareTweetSendPinShare
Previous Post

Epstein files appear to show former Prince Andrew asked Ghislaine Maxwell for ‘inappropriate friends’

Next Post

Franklin Templeton’s Spot ETF Tops 100M

Next Post
Franklin Templeton’s Spot ETF Tops 100M

Franklin Templeton’s Spot ETF Tops 100M

Major car firms found not to have emissions-cheating devices

Major car firms found not to have emissions-cheating devices

July 10, 2026
SoftBank’s Masayoshi Son ridicules AI critics for ‘spitting upwards’

SoftBank’s Masayoshi Son ridicules AI critics for ‘spitting upwards’

July 14, 2026
Asia’s founders are decamping to the U.S. as the region suffers a protracted venture funding slump

Asia’s founders are decamping to the U.S. as the region suffers a protracted venture funding slump

July 9, 2026
Gender pay gap grows even as women earn more than ever

Gender pay gap grows even as women earn more than ever

July 14, 2026
What history tells us about Trump’s self-enrichment

What history tells us about Trump’s self-enrichment

July 11, 2026
Companies receiving tariff refunds, at least for now

Companies receiving tariff refunds, at least for now

July 10, 2026
BusinessPostCorner.com

BusinessPostCorner.com is an online news portal that aims to share the latest news about following topics: Accounting, Tax, Business, Finance, Crypto, Management, Human resources and Marketing. Feel free to get in touch with us!

Recent News

AI won’t kill offshoring; it will supercharge it

AI won’t kill offshoring; it will supercharge it

July 16, 2026
Chevron and Iraq seek to bypass Strait of Hormuz with Syria pipeline

Chevron and Iraq seek to bypass Strait of Hormuz with Syria pipeline

July 16, 2026

Our Newsletter!

Loading
  • Contact Us
  • Privacy Policy
  • Terms of Use
  • DMCA

© 2023 businesspostcorner.com - All Rights Reserved!

No Result
View All Result
  • Home
  • Business
  • Finance
  • Accounting
  • Tax
  • Management
  • Marketing
  • Crypto News
  • Human Resources

© 2023 businesspostcorner.com - All Rights Reserved!