A new malware, Mars Stealer, an upgrade to the 2019 info-stealing Oski Trojan, now targets more than 40 browser extensions wallets, as well as the popular two-factor authentication (2FA) extension, according to security researcher 3xp0rt , which has the function of grabbing the user’s private key.
MetaMask, Nifty Wallet, Coinbase Wallet, MEW CX, Ronin Wallet, Binance Chain Wallet, and TronLink were all listed as targeted wallets. Mars Stealer can be spread through various channels such as file hosting sites, torrent clients and any other downloader.
Hackers are currently selling Mars Stealer on darknet forums for $140, meaning the barrier to entry for malicious actors to access the Trojan is relatively low.