New ModStealer malware targets crypto wallets across operating systems
A newly discovered malware called ModStealer is targeting crypto users across macOS, Windows and Linux systems, posing risks to wallets and access credentials.
Apple-focused security firm Mosyle uncovered the malware, saying it remained completely undetected by major antivirus engines for almost a month after being uploaded to VirusTotal, an online platform that analyzes files to detect malicious content.
ModStealer is designed to extract data, with pre-loaded code that steals private keys, certificates, credential files and browser-based wallet extensions. The security researchers found targeting logic for different wallets, including extensions on Safari and Chromium-based browsers.
The security firm said the malware persists on macOS by abusing the system to register as a background agent. The team said the server is hosted in Finland but believes the infrastructure is routed through Germany to mask the operators’ origin.
The malware is reportedly being distributed through fake job recruitment ads, a tactic that has been increasingly used to target Web3 developers and builders.