LUCA STEALER: OPEN-SOURCE WEB3 MALWARE
![](https://cdn.prod.website-files.com/65adddbbd2c6ecb99e857ff7/65ade26d449f09e79e9016ad_640a687618978271e4101ebe_0_THn3P0mQkTj0AIaA.jpg)
Luca Stealer: Open-Source Web3 Malware
⚠️ New Open-Source Malware ⚠️
🎯 Targeting Web3 🧵
Code Named: Luca Stealer 🥷
🔍 High Level:
- Primarily an info stealer
- Targets cold/hot wallets
- Steals discord tokens
- Steals from over 17 different extensions 👇
![](https://cdn.prod.website-files.com/65adddbbd2c6ecb99e857ff7/65ade02aa78ed7f6ff18a740_640a6995845b434db41026ef_0*THn3P0mQkTj0AIaA.jpeg)
Why should you care?
“The malware, which the author claims to have developed in just six hours, is quite stealthy, with VirusTotal returning a detection rate of around 22%.” — Bleeping Computer
The entire code-base for this malware was released for free. 👇
![](https://cdn.prod.website-files.com/65adddbbd2c6ecb99e857ff7/65ade02aa78ed7f6ff18a715_640a69c27616a9b699976ffc_0*QIdu4qkZxN8RcKIQ.png)
What makes this malware interesting?
🔍 Uses Discord web-hooks OR Telegram bots to communicate back to attacker
🔍 Written in Rust which allows for easy porting to macOS or Linux
🔍 Can modify clipboard to attempt to steal crypto by replacing the copied address with theirs.
![](https://cdn.prod.website-files.com/65adddbbd2c6ecb99e857ff7/65ade02aa78ed7f6ff18a70f_640a69f0d589ee43abb2ca6a_0*3YMq2mMFDCgUnj_K.png)
![](https://cdn.prod.website-files.com/65adddbbd2c6ecb99e857ff7/65ade02aa78ed7f6ff18a71e_640a6a02beb3ceac29273c2e_0*VLY-CfOf1uEwHqwv.png)
Why should Web3 Care?
🔲 This malware targets your hot/cold wallets.
🔲 Could replace copied addresses on clipboard
🔲 Easy to impact Windows, macOS and Linux
🔲 Low Detection Rate
What can I do to protect myself?
🔲 Download [@Malwarebytes](https://twitter.com/Malwarebytes) and get premium
🔲 Never download random files
🔲 Always open documents via Google Docs or something similar
🔲 Check the copied address every-time before sending any transactions.
Sources //
![](https://cdn.prod.website-files.com/65adddbbd2c6ecb99e857ff7/65ade02aa78ed7f6ff18a70c_640a6a5942e04060a8f92cbb_0*3SEHCfzuCyWxenxR.jpeg)
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — —
Thanks for reading all the way to the end!
If you liked the content consider checking out our chrome extension designed to help you combat scams in Web3!
![Wallet Guard logo](https://cdn.prod.website-files.com/65adddbbd2c6ecb99e857ff7/65ade0272ac454468cfc6bc2_640a684a08476cdac92f32d1_midLogo.494dad56b3a636d3aed4.png)