The “it” is the injecting of malware and perpetrating of other techno-invasions. If you use browser extensions—if you’re a gamer—if you own cryptocurrency—if you click into Amazon—if you’re online—be careful.
Among the latest threats are “Roblox mods” that “spread crypto-stealing malware.” Roblox is an online game platform. It can be used to play games and to create games. A Roblox mod is an unofficial modification or extension of Roblox games or the Roblox interface. It seems to entail the same kind of risk that one incurs by hacking a smartphone to sideload unapproved apps (Trading View, December 23, 2025).
Kaspersky researchers have [detected] Stealka, a sophisticated infostealer masquerading as game mods and pirated software that targets crypto wallets and browser credentials across over 115 extensions.
The malware spreads through trusted platforms, including GitHub, SourceForge, and Softpedia, where attackers create professional-looking fake websites and repositories to distribute the threat under the guise of popular game cheats for titles like Roblox and GTA V.Attackers….
If you’re not a gamer but invest in cryptocurrency, you must still be on the alert:
North Korean threat groups have also escalated tactics by weaponizing blockchain technology itself, embedding malware payloads in smart contracts on the BNB Smart Chain and Ethereum, creating a decentralized command-and-control infrastructure that law enforcement cannot shut down.
For now, Kaspersky recommends that users do the following: deploy reliable antivirus software; avoid storing sensitive credentials in browsers; exercise extreme caution with game cheats and pirated software; enable two-factor authentication with backup codes stored in encrypted password managers rather than text files; refrain from downloading software from untrusted sources despite the convenience they may offer.
Also coming from North Korea are fake job applications from cyber “operatives.” A security officer at Amazon, Stephen Schmidt, has posted about his experience (LinkedIn, December 18, 2025).
Over the past few years, North Korean (DPRK) nationals have been attempting to secure remote IT jobs with companies worldwide, particularly in the U.S. Their objective is typically straightforward: get hired, get paid, and funnel wages back to fund the regime’s weapons programs.
At Amazon, we’ve stopped more than 1,800 suspected DPRK operatives from joining since April 2024, and we’ve detected 27% more DPRK-affiliated applications quarter over quarter this year.
Our detections combine AI-powered screening with human verification. Our AI model analyzes connections to nearly 200 high-risk institutions, anomalies across applications, and geographic inconsistencies. We verify identities through background checks, credential verification, and structured interviews.
Schmidt suggests that others facing this threat keep in mind the following: “identity theft has become more calculated,” targeting well-qualified programmers; “LinkedIn strategies are getting sophisticated” as operatives target dormant accounts and purchase accounts from legitimate account holders; operatives are “increasingly targeting AI and machine learning roles, likely because these are in higher demand as companies adopt AI”; they’re using “laptop farms” at U.S. locations to provide a presence in this country even as workers operate remotely, from outside the U.S.; small details that seem a little off in a resume often serve as red flags, at least in combination with other signs of fraud.
Even if Amazon has been thwarting all these bad guys, other tech firms may be hiring some of them. When the North Korean spies do manage to infiltrate a U.S. firm, using their paychecks to fund North Korean weapon programs may be only one item on the agenda. What about using malware to sabotage the firm and its customers? What about enabling surveillance and stealing information?
These reports focus on North Korea. But hackers and other malicious actors associated with the Chinese Communist Party have similar ambitions and a long history of achieving them.
