New password stealing malware aptly called
Erbium have been detected in the wild.
What's scarier is that it includes a lot of crypto wallets and authenticator as it's target:
Cold wallets from browsers (MetaMask, TronLink, Binance Chain Wallet, Yoroi, Nifty Wallet, Math Wallet, Coinbase Wallet, Guarda, EQUAL Wallet, Jaxx Liberty, BitApp Wallet, iWallet, Wombat, MEW CX, GuildWallet, Saturn Wallet, Ronin Wallet, NeoLine, Clover Wallet, Liquality Wallet, Terra Station, Keplr, Sollet, Auro Wallet, Polymesh Wallet, ICONex, Nabox Wallet, KHC, Temple, TezBox, Cyano Wallet, Byone, OneKey, LeafWallet, DAppPlay, BitClip, Steem Keychain, Nash Extension , Hycon Lite Client, ZilPay, Coin98 Wallet, Harmony, KardiaChain, Rabby, Phantom, TON Crystal Wallet)
And then browser authentication too:
Other browser plugins (Authenticator, Authy, Trezor Password Manager, GAuth Authenticator, EOS Authenticator)
And also Cold desktop wallets:
(Exodus, Atomic, Armory, Bitecoin-Core, Bytecoin, Dash-Core, Electrum, Electron, Coinomi, Ethereum, Litecoin-Core, Monero-Core, Zcash, Jaxx)
And so far this is the countries that have been affected by this malware:
And again, it's the same old story but still very effective methods for this cyber criminals - they spread it through fake and crack download software sites.
https://blog.cluster25.duskrise.com/2022/09/15/erbium-stealer-a-new-infostealer