Luca Stealer Malware Poses A Serious Threat To Web3 Users

CryptoMode KryptoCibule Malware Web3 FBI NetWire Diicot

Cryptocurrency and Web3 enthusiasts are very familiar with malware trying to steal cryptocurrencies and other assets. A new variant, known as Luca Stealer, is currently making the rounds. It is an info stealer but will also target Discord accounts, cold and hot crypto wallets, and over a dozen browser extensions. 

Luca Stealer Poses A Real Threat To Web3 Users

Not a day goes by without a significant malware threat making the rounds. They often threaten cryptocurrency and Web3 enthusiasts, as criminals will try to harvest data or digital assets. Luca Stealer is no exception, as it is designed to obtain various bits of information and crypto assets. That includes stealing funds from hot and cold wallets, making it a grave threat. 

As outlined by Wallet Guard, Luca Stealer is a nasty piece of malware. While its primary purpose is stealing information, the malware will also steal Discord tokens, data from password managers, or empty browser wallets. Many people rely on third-party extensions for their Web3 wallet needs, and this malware will go after the likes of MetaMask, Coin98, Keplr, TezBox, and even Steem Keychain. 

Check out our weekly crypto and fintech newsletter here! Follow CryptoMode on Twitter, Youtube and TikTok for news updates!

On the password manager front, no popular extension seems safe. Luca Stealer will extract information from 1Password, Nordpass, Keeper, LastPass, Zoho Vault, Trezor Password Manager, and a dozen other solutions. That seems to indicate the malware creator will try to access any and all of these extensions and copy data to either abuse or sell it to third parties.

Perhaps even more problematic is how Luca Stealer is an open-source malware. As such, any criminal or nefarious individual can take the source code, make tweaks, repackage it as new malware, and cause irreparable damage. With such a vast array of extensions to target, it puts billions of internet users at risk of having data and digital assets stolen. 

Put Together In Mere Hours

If the above isn’t enough to worry you, it is worth noting the Luca Stealer creator claims they put this tool together in six hours. It is certainly possible some of its code has been taken from other malware, but that isn’t too relevant. It is also one of the stealthier malware types, as VirusTotal has a detection rate of just over 20%. That means nearly eight in ten infections are unnoticed and can cause serious harm to Web3 users.

Furthermore, the Luca Stealer is compatible with virtually all Chromium-based browsers, including Edge, Brave, Dragon, Chrome, etc. It is primarily active on Windows machines today, although it is coded in Rust, making it straightforward to port the code to macOS or Linux. Whether that will happen remains unclear, but the possibility is certainly there. 

None of the information on this website is investment or financial advice. CryptoMode is not responsible for any financial losses sustained by acting on information provided on this website.