Partnership Director at Wallet Guard

Luca Stealer: Open-Source Web3 Malware

⚠️ New Open-Source Malware ⚠️  
🎯 Targeting Web3 🧵  
Code Named:  Luca Stealer  🥷

🔍  High Level:  
- Primarily an info stealer  
- Targets cold/hot wallets  
- Steals discord tokens  
- Steals from over 17 different extensions 👇

Why should you care?

“The malware, which the author claims to have developed in just six hours, is quite stealthy, with VirusTotal returning a detection rate of around 22%.” — Bleeping Computer

The entire code-base for this malware was released for free. 👇

What makes this malware interesting?

🔍 Uses Discord web-hooks OR Telegram bots to communicate back to attacker  
🔍 Written in Rust which allows for easy porting to macOS or Linux  
🔍 Can modify clipboard to attempt to steal crypto by replacing the copied address with theirs.

Why should Web3 Care?

🔲 This malware targets your hot/cold wallets.  
🔲 Could replace copied addresses on clipboard  
🔲 Easy to impact Windows, macOS and Linux  
🔲 Low Detection Rate

What can I do to protect myself?

🔲 Download  [@Malwarebytes]( and get premium  
🔲 Never download random files  
🔲 Always open documents via Google Docs or something similar  
🔲 Check the copied address every-time before sending any transactions.

Sources //

Source code for Rust-based info-stealer released on hacker forums A malware author released the source code of their info-stealer for free on hacking forums earlier this month, and security analysts already report observing several samples being deployed in the wild…

— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — —

Thanks for reading all the way to the end!

If you liked the content consider checking out our chrome extension designed to help you combat scams in Web3!

Wallet Guard logo

Published on
August 28, 2022

Related Articles