The new Mars Stealer trojan collects saved passwords, private wallet keys, autofill, search and download history, bypassing two-factor authentication. A digital security specialist under the nickname 3xp0rt announced this in his blog.
The virus targets open-source browsers: Firefox, Internet Explorer, Google Chrome, Microsoft Edge, Opera Neon, Chromium, Pale Moon, Vivaldi, and others.
The malware is distributed through infected software and archives. It can be found on free file-sharing sites, unprotected sites, and torrent clients.
The main feature of this Trojan is that it was created specifically to steal the passwords of crypto owners. Mars Stealer can receive data from more than forty popular plugins: Binance Chain Wallet, TronLink, MetaMask, Coinbase Wallet, etc.
The malware can also infect browser wallets that store confidential data (address, private key, password, etc.) in internal files. Among them are Binance, Electrum, Ethereum, Electrum LTC, Exodus, Electron Cash, MultiDoge, Jaxx.
Interestingly, the program does not harm devices from the CIS: Kazakhstan, Uzbekistan, Azerbaijan, Kazakhstan, Russia, and Belarus. After getting into the system, the Trojan first checks the country and region settings. If they match one of these six countries, Mars Stealer will delete itself.
The main danger lies in the fact that the virus is available to many attackers. They can freely purchase the full version of the program on darknet forums for $140.
Experts from CoinDesk gave a couple of tips that will help reduce the risk of infection:
1. Update your operating system and your antivirus on time.
2. Do not download anything from obscure sites, and also use an antivirus to scan all files before launching.
3. Avoid unsafe sites. Check the protocol (a secure page uses HTTPS) and the domain. Attackers can create exact copies of official web pages, but since the same domain cannot be registered twice, the address will contain spelling differences.
4. Do not save passwords in the browser and, if possible, store them in a password manager.
5. Do not keep many coins in the browser and hot wallets.
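The check in tip 3 can be automated. The following is an added example, not code from CoinDesk or 3xp0rt: it compares a URL's host against a user-maintained allowlist and flags near-miss spellings, look-alike Cyrillic letters, and official names used as a subdomain prefix. The allowlist entries, the confusables map, the distance threshold and the function names are assumptions.

```python
from urllib.parse import urlsplit

# Assumption: a user-maintained allowlist; these three entries are illustrative.
OFFICIAL = {"metamask.io", "binance.com", "coinbase.com"}

# Constructed, deliberately small map of Cyrillic letters that render like Latin ones.
CONFUSABLES = str.maketrans({
    "\u0430": "a", "\u0435": "e", "\u043e": "o", "\u0440": "p",
    "\u0441": "c", "\u0445": "x", "\u0456": "i", "\u0455": "s",
})

def edit_distance(a, b):
    """Levenshtein distance, keeping only the previous row in memory."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # delete from a
                           cur[j - 1] + 1,             # insert into a
                           prev[j - 1] + (ca != cb)))  # substitute
        prev = cur
    return prev[-1]

def check_url(url, official=OFFICIAL, max_distance=2):
    """Return 'official', 'official-no-https', 'lookalike:<domain>' or 'unknown'."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower().rstrip(".")
    try:
        # Show punycode (xn--) labels as the Unicode text a browser may display.
        host = host.encode("ascii").decode("idna")
    except UnicodeError:
        pass  # host already contains non-ASCII characters, or is malformed
    if any(host == d or host.endswith("." + d) for d in official):
        return "official" if parts.scheme == "https" else "official-no-https"
    # Fold look-alike letters, then compare the last two labels with each entry
    # (assumption: allowlist entries are two-label domains).
    skeleton = host.translate(CONFUSABLES)
    candidate = ".".join(skeleton.split(".")[-2:])
    for d in sorted(official):
        # Official name used as a subdomain prefix, or a near-miss spelling.
        if (d + ".") in skeleton or edit_distance(candidate, d) <= max_distance:
            return "lookalike:" + d
    return "unknown"
```

A threshold of 2 suits domains of this length; for very short names it will flag unrelated domains and should be lowered.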