Stealka Malware Targets Crypto Users via Fake Game Mods
A new and dangerous piece of malware called Stealka is targeting crypto users by disguising itself as game mods and pirated software. Security experts have found that this malware is being spread through popular platforms like GitHub, SourceForge, and Softpedia. Hackers create fake but professional-looking websites and repositories that offer free game cheats for popular games like Roblox and GTA V to trick users into downloading the malware.
Once installed, Stealka silently steals sensitive information from your computer. It’s designed to go after crypto wallets, browser login data, and more. It can pull data from over 100 apps and extensions, including Chrome, Firefox, Edge, and Opera. With this stolen browser data, attackers can bypass two-factor authentication and access accounts without needing passwords.
Stealka specifically targets crypto wallets such as MetaMask, Trust Wallet, Coinbase, Binance, and Phantom. It also goes after password managers like 1Password, LastPass, Bitwarden, and NordPass. The malware can download settings from 80 different crypto wallets—including Bitcoin, Ethereum, Dogecoin, Monero, and Exodus—to steal private keys and seed phrases.
But it doesn’t stop there. Stealka also grabs data from email clients like Outlook and Thunderbird, messaging apps like Discord and Telegram, and even VPN tools such as ProtonVPN and Surfshark. It looks for sensitive info saved in note-taking apps and collects system details, installed programs, hardware info, and screenshots.
Some of the infected mods were posted using hijacked accounts on trusted modding sites. For example, a GTA V mod containing Stealka was shared by a previously compromised user account, which made it look more trustworthy.
This discovery comes at a time when crypto security is facing major challenges. In 2025 alone, the industry has already lost over $9 billion to hacks—about 10% of the total $90 billion stolen in the past 15 years. Just in November, losses exceeded $276 million.
Experts say that many of these attacks happen not because of flaws in the code but due to poor security practices after launch or during updates. Most Web3 projects don’t even have basic firewalls or modern AI security tools in place. As smart contracts become harder to hack directly, attackers are now focusing more on human errors and weak operational security.
Other recent threats include fake GitHub repositories (GitVenom), malware on mobile app stores (SparkKitty), and trojans hiding in fake Microsoft Office installers (ClipBanker). Some advanced hackers are even hiding malware inside blockchain smart contracts on Ethereum and BNB Smart Chain, which makes it harder for law enforcement to shut down.
To stay safe, users should be extra cautious when downloading software or game mods—especially from unofficial sources. Avoid clicking on links from unverified websites or forums, use strong passwords with two-factor authentication, and keep your antivirus software up to date.