A New Crypto Wallet Malware Is In Town

4 min readFeb 4, 2022

Cash.Tech Newsletter #15: Powerfully upgraded malware targets 40+ crypto wallets but you can stay protected

The widespread adoption of cryptocurrencies has attracted malicious actors. Since the first known Bitcoin malware emerged in 2011, hackers have continued to optimize their strategies and improve systems dedicated to stealing crypto from unsuspecting users. Recent reports reveal the increased spread of an improved crypto malware that targets the most popular cryptocurrency wallets, especially browser-based extensions.

In this week’s Cash.Tech Newsletter, we take a closer look at the new malware and reveal how you can stay protected. The Cash.Tech team is always ahead of the curve with new security issues facing crypto wallets, and is poised to bring the community up to speed on the best ways to protect their holdings. As usual, we have some captivating development updates to share.

Cash.Tech development update

The Cash.Tech development team is pleased to report on further significant progress in the development of the upcoming Merchant Protocol. This week, the team designed the protocol’s initial technical features, which include an authentication method for new merchants.

In line with our mission to promote self-custody, the Cash.Tech team sought to develop an infrastructure that authenticates and grants merchants access to core features in a decentralized fashion. Hence, the Cash.Tech Merchant Protocol will develop and implement a login mechanism similar to the Metamask login system.

Users that seek to enable Merchant features will be promoted to “Login with Cash.Tech,” and upon confirmation, our systems will create an account for the user in Cash.Tech applications without storing their personal information. This innovative approach will be combined with our preference for decentralized storage systems like BigChainDB to give merchants a truly secure authentication experience.

The next step for the team is to design the user interface for the merchant registration process. Once completed, we will continue to refine the requirements for merchant product listing and creation to ensure a seamless onboarding when the product goes live.

In the broader spectrum, Cash.Tech is continuing the process of onboarding new developers to the blockchain development team, and has also initiated the process of publishing the current Cash.Tech Wallet version to Apple Store. There are also plans to retest released app versions on Android and iOS to find opportunities for improvement.

Our loyal community can rest assured that the Cash.Tech team is working hard behind the scenes to reach key development milestones, and will publish exciting updates as soon as they become available.

Newly improved malware targets hot wallets

On February 1st 2022, reputable security researcher 3xp0rt, uncovered a new malware gaining prominence in the dark web. Dubbed “Mars Stealer,” the malware has become notorious for stealing funds from cryptocurrency investors using hot wallet solutions. Your favorite crypto wallets on desktop, web, and mobile are all hot wallets, as they’re regularly connected to the internet and used for frequent transactions.

The new malware, according to 3xp0rt, is an upgraded version of Oski, another crypto malware that has plagued crypto investors since 2019. Hackers purchase malware like Oski and Mars Stealer from their creators using the dark web and then customize them to meet their target users. While Oski was sold for anywhere between $70–100, the upgraded Mars Stealer is on sale for $140, showing its superiority.

Users can mistakenly download Mars Stealer while interacting with malicious download websites, torrent clients, and sometimes from phishing emails. Once installed, the malware proceeds to scan the system for sensitive data such as private keys and related crypto wallet files. Such data is obtained and sent to the malware deployer, after which the malware deletes itself from the infected system without a trace.

Mars Stealer reportedly targets devices that have installed popular web-based crypto wallet extensions, 2FA plugins, and crypto wallets. It can also steal vital credentials such as email addresses and passwords, posing an even greater challenge to victims.

Stay Protected from Crypto Malware with Cash.Tech

The Cash.Tech wallet is designed from scratch to provide users with high-grade security, including against malware like the Mars Stealer. At the same time, we recognize that users have a key role to play in the malware war.

Here are some crucial steps you can take to protect yourself from crypto malware:

  • Store your crypto private keys and seed phrases offline.
  • Do not click dubious links or download files from untrusted sources, including through email.
  • Use a reputable Malware protector for all your crypto-related devices. Alternatively, use a separate device for crypto transactions.

Cash.Tech remains on top of industry trends and reiterates its commitment to provide users with timely education against emerging security issues. Doing so aligns with our mission to unlock a future where self-custodial crypto ownership is standard.

Cash.Tech is already live on Mainnet for Android and iOS users. Android users can now access the app on Google Playstore, with the iOS version coming to the Apple Store in the coming weeks! Apple Users can access Cash.Tech via https://testflight.apple.com/join/In3h8jr9.




Cash Tech is DeFi as it’s meant to be. Digital currency conversion, payments, staking, and lending. All within one app. https://t.me/cashtechchat