
New Rust-based Luca Stealer Malware Targets Web3 Crypto Wallets

Updated by Geraint Price

In Brief

  • Luca Stealer has been written in the Rust programming language.
  • It targets Chromium-based browsers on Windows computers.
  • It can steal passwords, info, and crypto wallet addresses.

A new strain of malware has been detected in the wild that targets Web3 infrastructure and crypto wallets.

The info-stealing malware, called Luca Stealer, has been spreading since it was first shared on GitHub on July 3.

The malware affects Microsoft Windows operating systems, but it has been written in the Rust programming language, making it easy to port to macOS and Linux.

Cyble Research Labs discovered the Rust-based stealer, detailing the cyber nasty in a report earlier this week. It has now come to the attention of crypto security firms such as Wallet Guard.

Crypto wallets targeted

According to the researchers, Luca Stealer has already been updated three times. Multiple additional functions have been added and more than 25 samples of the source code have been detected in the wild.

Its creators appear to be new actors on hacker forums who have leaked the source code to build a reputation for themselves, they added.

The stealer can target multiple Chromium-based browsers, crypto wallets, chat and messenger applications, and gaming applications. Additional functionality has been inserted in order to steal the victim’s files.

It uses Telegram bots and Discord webhooks to communicate and send data back to attackers. It targets the Windows AppData folder, looking for the presence of the “logsxc” folder. If not present, the stealer creates the folder with hidden attributes for saving stolen data. It can also modify the clipboard to attempt to steal crypto by replacing copied wallet addresses with its own.
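The hidden “logsxc” folder described above is something a defender can sweep for. The following is an added example, not code from the article or from the Cyble report: a Python check that looks for that folder under each user profile's AppData and reports whether the Windows hidden attribute is set. The function names, the search depth, and the sample tree are assumptions made for illustration.

```python
import os
import stat
import tempfile
from pathlib import Path

STAGING_NAME = "logsxc"  # folder name reported in the article


def is_hidden(path):
    """True if the Windows hidden attribute is set (always False off Windows)."""
    attrs = getattr(path.stat(), "st_file_attributes", 0)
    return bool(attrs & stat.FILE_ATTRIBUTE_HIDDEN)


def find_staging_dirs(users_root, name=STAGING_NAME, max_depth=3):
    """Return one record per `name` directory found under each profile's AppData.

    The article does not say which AppData subfolder is used, so the walk
    covers all of them down to max_depth levels below AppData.
    """
    hits = []
    for profile in Path(users_root).iterdir():
        appdata = profile / "AppData"
        if not appdata.is_dir():
            continue
        for dirpath, dirnames, _ in os.walk(appdata, onerror=lambda e: None):
            here = Path(dirpath)
            for d in dirnames:
                if d.lower() == name.lower():  # Windows paths are case-insensitive
                    target = here / d
                    files = sum(len(f) for _, _, f in os.walk(target))
                    hits.append({"profile": profile.name, "path": str(target),
                                 "hidden": is_hidden(target), "files": files})
            if len(here.relative_to(appdata).parts) + 1 >= max_depth:
                dirnames[:] = []  # do not descend further
    return hits


if __name__ == "__main__":
    # Constructed sample tree standing in for C:\Users (assumed default location).
    with tempfile.TemporaryDirectory() as root:
        staged = Path(root, "alice", "AppData", "Local", STAGING_NAME)
        staged.mkdir(parents=True)
        (staged / "sample.txt").write_text("constructed placeholder")
        Path(root, "bob", "AppData", "Roaming").mkdir(parents=True)
        for hit in find_staging_dirs(root):
            print(hit)
```

On a real host, pass the profiles directory (for example `C:\Users`) as `users_root`; a hit is a lead to investigate rather than proof of infection, since the folder name is the only indicator the article gives.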

Luca Stealer targets ten cold crypto wallets, including AtomicWallet, JaxxWallet, and Exodus, having hardcoded the path to them in its source code. It can also target browser extensions of password managers and crypto wallets for more than 20 browsers.

Rust is growing in popularity among cybercriminals as it can be used to write malware more quickly and efficiently than traditional programming languages.

How to protect yourself and your wallet

Windows machines can become infected when users download suspicious email attachments, install dodgy browser extensions, or click spurious social media links to malware sites.

Malware is usually spread through phishing and social engineering attacks on social media. Victims are lured into clicking something malicious sent to them or displayed in a fake crypto ad on Facebook or Twitter, for example.

The researchers recommended avoiding downloading any files from untrusted sources. They also suggested clearing browser caches and changing passwords frequently, in addition to having updated software and sturdy antivirus and anti-malware protection.

Manual removal is possible, but requires advanced knowledge of the Windows registry and file system. Leading internet security suites and antivirus software are a more reliable option.


Martin Young