Close Menu
FSNN | Free Speech News NetworkFSNN | Free Speech News Network
  • Home
  • News
    • Politics
    • Legal & Courts
    • Tech & Big Tech
    • Campus & Education
    • Media & Culture
    • Global Free Speech
  • Opinions
    • Debates
  • Video/Live
  • Community
  • Freedom Index
  • About
    • Mission
    • Contact
    • Support
Trending

Remains of abducted Mexican journalist Roxana Guzmán identified in Veracruz

55 minutes ago

The Mask That Made Me

1 hour ago

How white hat hackers with a $3,000 server found a flaw that could’ve put $70 billion in crypto at risk

2 hours ago
Facebook X (Twitter) Instagram
Facebook X (Twitter) Discord Telegram
FSNN | Free Speech News NetworkFSNN | Free Speech News Network
Market Data Newsletter
Saturday, July 4
  • Home
  • News
    • Politics
    • Legal & Courts
    • Tech & Big Tech
    • Campus & Education
    • Media & Culture
    • Global Free Speech
  • Opinions
    • Debates
  • Video/Live
  • Community
  • Freedom Index
  • About
    • Mission
    • Contact
    • Support
FSNN | Free Speech News NetworkFSNN | Free Speech News Network
Home»Cryptocurrency & Free Speech Finance»New Malware Poses as Roblox Mods to Steal Crypto Credentials
Cryptocurrency & Free Speech Finance

New Malware Poses as Roblox Mods to Steal Crypto Credentials

News RoomBy News Room7 months agoNo Comments3 Mins Read1,708 Views
Share Facebook Twitter Pinterest Copy Link LinkedIn Tumblr Email VKontakte Telegram
New Malware Poses as Roblox Mods to Steal Crypto Credentials
Share
Facebook Twitter Pinterest Email Copy Link

Listen to the article

0:00
0:00

Key Takeaways

Playback Speed

Select a Voice

In brief

  • Cybersecurity experts at Kaspersky have discovered a new type of infostealer that has the ability to steal sensitive info from a wide variety of Windows-based browsers and apps.
  • Hackers are inserting the malware in unofficial mods for games such as Roblox, as well as various Windows apps.
  • Kaspersky tells Decrypt that it has no data on the amount of crypto stolen using the infostealer.

Hackers are inserting infostealer malware into pirated mods for Roblox and other games, according to research from cybersecurity company Kaspersky.

A blog post from Kaspersky reveals that it has identified a new variety of infostealer called Stealka, which it has so far encountered on distribution platforms such as GitHub, SourceForge, Softpedia and sites.google.com.

Disguised as unofficial mods, cheats and cracks for Windows-based games and other apps, Stealka exfiltrates sensitive login and browser information, which its operators can use to steal crypto.

Crypto wallets targeted

The malware primarily targets data contained by browsers such as Chrome, Firefox, Opera, Yandex Browser, Edge, Brave, as well as the settings and databases of over 100 browser extensions.

Such extensions include cryptocurrency wallets from Binance, Coinbase, MetaMask, Crypto.com and Trust Wallet, as well as password managers (1Password, NordPass, LastPass) and 2FA apps (Google Authenticator, Authy, Bitwarden).

In fact, Stealka’s reach doesn’t stop with browser extensions, since it can also lift (encrypted) private keys, seed phrase data and wallet file paths from standalone cryptocurrency wallet apps.

This includes apps from Binance, Exodus, MyCrypto and MyMonero, as well as wallet apps for Bitcoin, BitcoinABC, Dogecoin, Ethereum, Monero, Novacoin and Solar.

Away from crypto, the Stealka malware has the ability to steal data and authentication tokens for messaging apps (e.g. Discord and Telegram), password manager apps (e.g. 1Password, Bitward, LastPass), email clients (e.g. Gmail Notifier Pro, Mailbird, Outlook), notetaking apps (NoteFly, Notezilla, Microsoft StickyNotes), and VPN clients (e.g. OpenVPN, ProtonVPN, WindscribeVPN).

Speaking to Decrypt, Kaspersky cybersecurity expert Artem Ushkov explained that the new malware “was detected by Kaspersky endpoint protection solutions on Windows machines in November 2025.”

As is the case with similar malware, Ushkov reports that most of the users targeted by Stealka are based in Russia.

“However, attacks by the malware have also been detected in other countries, including Türkiye, Brazil, Germany and India,” he added.

How to stay safe

In view of the threat Stealka, Kaspersky advises in its blog that, aside from using reputable antivirus software, users should steer clear of unofficial and pirated mods.

The blog also advises against storing important info in browsers, and urges users to employ two-factor authentication wherever available, while also making use of backup codes (but without storing them on browsers or in text documents).

While Stealka’s potential for stealing info and, by extension, crypto seems intimidating, there’s currently no indication that it has resulted in significant losses.

“We are not aware of the amount of crypto that has been stolen using it,” said Ushkov. “Our solutions protect against this threat: all detected Stealka malware was blocked by our solutions.”

GG Newsletter

Get the latest web3 gaming news, hear directly from gaming studios and influencers covering the space, and receive power-ups from our partners.

Read the full article here

Fact Checker

Verify the accuracy of this article using AI-powered analysis and real-time sources.

Get Your Fact Check Report

Enter your email to receive detailed fact-checking analysis

5 free reports remaining

Continue with Full Access

You've used your 5 free reports. Sign up for unlimited access!

Already have an account? Sign in here

Share. Facebook Twitter Pinterest LinkedIn Tumblr Email Telegram Copy Link
News Room
  • Website
  • Facebook
  • X (Twitter)
  • Instagram
  • LinkedIn

The FSNN News Room is the voice of our in-house journalists, editors, and researchers. We deliver timely, unbiased reporting at the crossroads of finance, cryptocurrency, and global politics, providing clear, fact-driven analysis free from agendas.

Related Articles

Debates

The Mask That Made Me

1 hour ago
Cryptocurrency & Free Speech Finance

How white hat hackers with a $3,000 server found a flaw that could’ve put $70 billion in crypto at risk

2 hours ago
Cryptocurrency & Free Speech Finance

Tokenization’s next use case is personalized portfolios, NYLIM executive says

3 hours ago
Cryptocurrency & Free Speech Finance

Kraken Expands Tokenized Stocks into Leveraged Trading

3 hours ago
Media & Culture

This Week In Techdirt History: June 28th – July 4th

4 hours ago
Cryptocurrency & Free Speech Finance

Bitcoin retakes $63,000, reversing end-June losses

4 hours ago
Add A Comment

Comments are closed.

Editors Picks

The Mask That Made Me

1 hour ago

How white hat hackers with a $3,000 server found a flaw that could’ve put $70 billion in crypto at risk

2 hours ago

Tokenization’s next use case is personalized portfolios, NYLIM executive says

3 hours ago

Kraken Expands Tokenized Stocks into Leveraged Trading

3 hours ago
Latest Posts

This Week In Techdirt History: June 28th – July 4th

4 hours ago

Bitcoin retakes $63,000, reversing end-June losses

4 hours ago

Review: This Iconic Musical Reminds Us That Open Debate Still Matters

5 hours ago

Subscribe to News

Get the latest news and updates directly to your inbox.

At FSNN – Free Speech News Network, we deliver unfiltered reporting and in-depth analysis on the stories that matter most. From breaking headlines to global perspectives, our mission is to keep you informed, empowered, and connected.

FSNN.net is owned and operated by GlobalBoost Media
, an independent media organization dedicated to advancing transparency, free expression, and factual journalism across the digital landscape.

Facebook X (Twitter) Discord Telegram
Latest News

Remains of abducted Mexican journalist Roxana Guzmán identified in Veracruz

55 minutes ago

The Mask That Made Me

1 hour ago

How white hat hackers with a $3,000 server found a flaw that could’ve put $70 billion in crypto at risk

2 hours ago

Subscribe to Updates

Get the latest news and updates directly to your inbox.

© 2026 GlobalBoost Media. All Rights Reserved.
  • Privacy Policy
  • Terms of Service
  • Our Authors
  • Contact

Type above and press Enter to search. Press Esc to cancel.

🍪

Cookies

We and our selected partners wish to use cookies to collect information about you for functional purposes and statistical marketing. You may not give us your consent for certain purposes by selecting an option and you can withdraw your consent at any time via the cookie icon.

Cookie Preferences

Manage Cookies

Cookies are small text that can be used by websites to make the user experience more efficient. The law states that we may store cookies on your device if they are strictly necessary for the operation of this site. For all other types of cookies, we need your permission. This site uses various types of cookies. Some cookies are placed by third party services that appear on our pages.

Your permission applies to the following domains:

  • https://fsnn.net
Necessary
Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.
Statistic
Statistic cookies help website owners to understand how visitors interact with websites by collecting and reporting information anonymously.
Preferences
Preference cookies enable a website to remember information that changes the way the website behaves or looks, like your preferred language or the region that you are in.
Marketing
Marketing cookies are used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual user and thereby more valuable for publishers and third party advertisers.