MAROKO133 Hot crypto: Gamers at Risk as Fake Roblox Mods Spread Crypto-Stealing Malware Te

📌 MAROKO133 Hot crypto: Gamers at Risk as Fake Roblox Mods Spread Crypto-Stealing

Kaspersky researchers have uncovered Stealka, a sophisticated infostealer masquerading as game mods and pirated software that targets crypto wallets and browser credentials across over 115 extensions.

The malware spreads through trusted platforms, including GitHub, SourceForge, and Softpedia, where attackers create professional-looking fake websites and repositories to distribute the threat under the guise of popular game cheats for titles like Roblox and GTA V.

The discovery marks the latest escalation in a broader pattern of gaming-focused malware campaigns, as cybercriminals increasingly exploit the trust gamers place in modding communities.

Attackers leverage popular search terms and authentic-looking download pages to lure victims, with some sites falsely claiming that virus scans are conducted before downloads, even though no such verification occurs.

The malicious files appear deliberately deceptive; one fake site advertised Half-Life 3 while describing it as “professional software solution designed for Windows,” using popular gaming titles merely as bait to maximize search engine visibility.

Extensive Arsenal Targets Crypto Wallets

According to the security firm, Stealka’s capabilities extend far beyond basic credential theft, targeting data from browsers built on Chromium and Gecko engines, putting over 100 applications, including Chrome, Firefox, Opera, and Edge, at immediate risk.

The malware extracts autofill data, session tokens, and cookies that allow attackers to bypass two-factor authentication and hijack accounts without passwords, while simultaneously targeting 115 browser extensions for crypto wallets, password managers, and authentication services.

High-value targets include crypto wallets such as Binance, Coinbase, MetaMask, Trust Wallet, and Phantom, as well as password managers such as 1Password, Bitwarden, LastPass, and NordPass.

The stealer downloads local configurations from 80 wallet applications, encompassing Bitcoin, Ethereum, Exodus, Monero, and Dogecoin, that may contain encrypted private keys and seed phrase data sufficient to compromise holdings.

Beyond crypto assets, Stealka infiltrates messaging apps like Discord and Telegram, email clients including Outlook and Thunderbird, gaming platforms such as Steam and Roblox launchers, VPN clients like ProtonVPN and Surfshark, and note-taking apps where users often improperly store sensitive information.

The malware additionally harvests system data, installed program lists, hardware specifications, and captures screenshots to maximize intelligence gathering.

Attackers have used compromised accounts to spread the malware further, with Kaspersky discovering the stealer in a GTA V mod posted by a previously hijacked account on a dedicated modding site.

Industry Faces Mounting Security Crisis

The Stealka campaign emerges amid catastrophic industry-wide security failures, as crypto platforms have lost $9.1 billion in 2025 alone, which is 10% of the $90 billion stolen over the past 15 years.

In November, losses exceeded $276 million, pushing the annual total past historical records.

“Crypto is facing a security reckoning,” said Mitchell Amador, CEO of Immunefi, a crowdsourced security platform protecting $180 billion in assets.

“Most hacks this year haven’t occurred due to poor audits—they’ve happened after launch, during protocol upgrades, or through integration vulnerabilities.“

Amador emphasized that 99% of Web3 projects operate without basic firewalls while fewer than 10% deploy modern AI security tools, calling the sector’s approach “willful negligence.“

The human element has become the primary attack surface, with threat actors shifting from code vulnerabilities to operational security breaches as smart contracts become harder to exploit.

“The threat landscape is shifting from on-chain code vulnerabilities to operational security and treasury-level attacks,” Amador explained. “As code hardens, attackers target the human element.”

Kaspersky’s broader research reveals a sustained malware ecosystem, having previously documented the GitVenom campaign involving hundreds of fake GitHub repositories, SparkKitty mobile malware that infiltrated Apple’s App Store and Google Play to steal seed phrase screenshots via OCR, and ClipBanker trojans hidden in fake Microsoft Office downloads.

North Korean threat groups have also escalated tactics by weaponizing blockchain technology itself, embedding malware payloads in smart contracts on the BNB Smart Chain and Ethereum, creating a decentralized command-and-control infrastructure that law enforcement cannot shut down.

For now, Kaspersky recommends users to do the following:

• Deploy reliable antivirus software.
• Avoid storing sensitive credentials in browsers.
• Exercise extreme caution with game cheats and pirated software.
• Enable two-factor authentication with backup codes stored in encrypted password managers rather than text files.
• Refrain from downloading software from untrusted sources despite the convenience they may offer.

The post <a href="https://cryptonews.com/news/gamers-at-ris…

Konten dipersingkat otomatis.

🔗 Sumber: cryptonews.com

📌 MAROKO133 Breaking crypto: Ethereum Is Emerging as a Global Public Good – and Th

Ethereum is no longer just another blockchain competing on speed or transaction fees. Instead, it’s increasingly functioning as an Internet-scale public good—a shift that demands a fundamentally different way of thinking about value.

In a recent guest thread published by the official Ethereum X account, blockchain author and investor William Mougayar argued that Ethereum behaves “like a global public good: non-rivalrous, non-excludable, and system-enabling.”

That framing places Ethereum in the same conceptual category as foundational technologies such as the Internet, GPS, and TCP/IP.

“Like the early Internet, its true value is largely invisible,” the Ethereum account wrote, stressing how infrastructure-level systems often deliver economic impact long before markets fully recognize or price it in.

From Information Protocol to Value Protocol

Mougayar’s report also draws a layered comparison between the Internet and Ethereum.

While the Internet operates primarily as an information protocol, Ethereum is increasingly emerging as a value protocol—a neutral settlement layer upon which large-scale economic systems can be built.

At the base level, both operate as public goods, allowing global participation without exclusion. Higher layers, however, support private goods, institutional applications, and commercial activity.

This layered architecture helps explain why Ethereum’s systemic importance cannot be measured solely by transaction throughput or fee revenue.

A New Framework for Valuing Ethereum

To address this gap, the report also introduces a three-part framework for valuing Ethereum as a public good: captured value, flow value, and trust surplus.

Captured value reflects traditional financial metrics such as fees and token economics. Flow value measures Ethereum’s broader economic contribution across decentralized applications, financial markets, and institutional use cases.

Trust surplus—the most novel component—captures the economic value generated by reducing friction across global transactions, writes Mougayar.

The Trust Dividend Compounding Globally

According to the Ethereum thread, trust surplus emerges through “reduced settlement friction, reduced verification cost, reduced counterparty risk, reduced fraud, and reduced reconciliation overhead.”

This “trust dividend,” as described in the report, compounds over time as more users and institutions rely on the network. Importantly, this reframing shifts Ethereum’s competitive environment.

Rather than competing directly with other blockchains, Ethereum is “competing with the status quo of global coordination.”

Competing With the Status Quo, Not Other Chains

Just as the Internet reorganized information flows, Ethereum is reorganizing how value moves, settles, and is trusted across borders. As a result, the report argues Ethereum’s long-term strength lies not in maximizing short-term revenue or raw transaction speed, but in enabling trust minimization, economic settlement, and institutional adoption at a global scale.

“If you want to understand Ethereum’s value to the world,” the Ethereum account wrote, “look at dependency, flows, and trust minimization. That’s where public-good value accrues.”

The post Ethereum Is Emerging as a Global Public Good – and That Changes How It Should Be Valued, Says William Mougayar appeared first on Cryptonews.

🔗 Sumber: cryptonews.com