META Malware Steals Crypto and Password Info from Browsers

  • Fraud and Security
malware

First seen in Spring 2022, the META Information Stealer malware is becoming a popular cybercriminal tool. It is designed to steal cryptocurrency assets and passwords commonly stored in web browsers like Chrome, Edge, and Firefox.

In this campaign, criminals employ a standard lure of sending Excel spreadsheet files laced with malware macros as attachments to their targets’ inboxes. The email message usually mentions fund transfers to trick users into downloading and opening the attachment on their devices.

Once opened, the document prompts targets with a DocuSign message meant to deceive them to “enable content.” Then, a malicious VBS macro starts running in the background.

While there is a lot more to how this insidious piece of malware operates and protects itself from removal (see articles on BitDefender or Cyber Intel Mag for detailed information), this is a good time to reiterate some best practices for email security:

  • Be suspicious of attachments. Only open attachments from trusted sources. Ignore common traps like “funds transfer,” “take action immediately,” “critical action required,” etc.
  • Saving passwords in web browsers is convenient, but it does create a risk of compromise via a malware attack. Using a third-party password manager is a better solution.
  • If your system does become infected, seek professional assistance to ensure the malware gets completely removed. Malware is often designed so that it can re-infect your system and/or avoid regular virus scans.
  • Keep up to date on current threats by subscribing to cybersecurity newsletters and resources.

Expect more attacks using META and similar info stealers. They work often enough to deliver financial results to the criminals that use them.

More Resources

  • Fraud and Security, Fraud Prevention

3D Secure Authentication Brings Next-Level Protection for Online Transactions

In 2021, Congress enacted the Corporate Transparency Act. This law creates a Beneficial Ownership Information (BOI) reporting requirement as part of the U.S. government’s efforts...
  • Fraud and Security

Can You Spot a Phishing Scam?

Every day, thousands of people fall victim to fraudulent emails, texts and calls from scammers pretending to be their bank. And in this time of...
  • Fraud and Security

Know the Signs of Bank Text Message Spoofing

Bank spoofing via text is a deceptive tactic employed by cybercriminals to trick individuals into divulging sensitive financial information or executing fraudulent transactions....
View All Resources

Related Posts

Businessman on a laptop with illustration featuring "2025 Trends" as the title.
Financial Education

Banking Trends 2025

As 2025 gets underway, there are changes coming from the banking world that business owners should consider as they put plans in place to achieve

Read More