Browser-based crypto wallets have an awful history with security. Metamask and the likes aren’t the best way to store Bitcoin, Ether, or any other cryptocurrency and things are becoming more complicated with the emergence of a new malware that targets online wallets.
A new malware called Mars Stealer makes online wallets vulnerable. Popular web-based online wallets include Metamask, Binance Chain Wallet, or Coinbase Wallet.
Named Mars Stealer by its developers, the new malware is a powerful upgrade on the information-stealing Oski trojan of 2019, according to security researcher 3xp0rt. The malware targets over 40 browser-based crypto wallets and two-factor authentication (2FA) extensions allowing cybercriminals to steal users’ private keys.
MetaMask, Nifty Wallet, Coinbase Wallet, MEW CX, Ronin Wallet, Binance Chain Wallet, and TronLink are listed as some of the targeted wallets. Security experts warned that the malware can also target extensions on Chromium-based browsers, except Opera. Unfortunately, browsers such as Google Chrome, Microsoft Edge, and Brave are vulnerable to attacks. Also, while they are safe from extension-specific attacks, Firefox and Opera are also vulnerable to credential-hijacking.