Recently, a new malware targeting cryptocurrencies has appeared. Its name is Mars Stealer, a Trojan horse that, if it infects your computer, can steal your private keys as well as other sensitive data. What does it look like?
Mars Stealer targets not only your wallets but also your 2FA extensions
This information highlights one of the most crucial recommendations of our ecosystem: use a hardware wallet. Indeed, a password, no matter how complicated, is not enough in the world of cryptocurrencies, and the same goes for two-factor authentication (2FA). This is what the Mars Stealer Trojan reminds us.
The information is reported on the Twitter account of programmer 3xp0rt. He links to his blog, where he provides a complete analysis of the malware. We learn that this Trojan targets more than thirty browsers, including Chrome, Firefox, Microsoft Edge, Opera and Brave.
Mars Stealer attacks crypto wallets that work as browser extensions: MetaMask, Binance Chain Wallet, Coinbase Wallet or Keplr, to name a few. 2FA extensions like Authy or cryptocurrency wallet software like Exodus are also vulnerable.
For 2FA extensions, however, only Chromium-based browsers other than Opera would be vulnerable.
The main objective of the software is to steal your private keys. With them, a hacker can then drain your funds before you realize it.
Interestingly, if the victim’s computer is configured in the language of one of the following countries, Mars Stealer will not perform any malicious actions:
- Kazakhstan;
- Uzbekistan;
- Azerbaijan;
- Russia;
- Belarus.
Do not assume, however, that this makes you safe from other attacks of this kind or lets you skip good security practices.
How do you protect yourself from software like Mars Stealer?
The truth is that Mars Stealer is not the first and will not be the last malware of its kind. Anyone can inadvertently download a program that can steal their private keys or other sensitive data. That’s why the most reliable solution so far is the use of a hardware wallet.
With a Ledger key linked to your MetaMask, for example, a third party cannot drain your cryptocurrencies, as they would also have to validate the transaction on your key.
Another basic recommendation to limit this type of attack is to be wary of the software you use. Indeed, a Trojan horse of this kind will often be embedded in supposedly reliable download links. For example, you could launch it thinking you are downloading an ad blocker. To avoid this, download from the site of the software publisher in question whenever possible.
Along the same lines, a malicious program could be attached to a phishing email that poses as a site you use regularly in order to get you to perform a particular action.
In this regard, some sites, such as Binance, offer you the option of setting a phrase or word of your choice in your security settings. This way, when you receive a real e-mail from the site, the phrase you entered appears in a box labeled “anti-phishing”.
There is no miracle recipe to prevent a hacking attempt, but by applying as many good practices as possible, it is possible to limit the risk. Let’s not forget that the biggest flaw is often the human being.