Crypto Researchers Find Another Undetectable Cross-Platform Wallet Drainer

2025/09/13 15:30

ModStealer malware targets crypto wallets on Windows, macOS, and Linux, stealing keys and data. Read how it spreads and how to stay safe.

 

ModStealer malware is becoming one of the most pressing threats to crypto wallets. 

Security researchers discovered that it can now infiltrate systems running Windows, macOS and Linux. Once installed, it extracts sensitive information including wallet credentials, private keys and certificates.

The malware was uncovered by Apple-focused security firm Mosyle. According to their findings, ModStealer avoided detection by most antivirus engines for nearly a month after being uploaded to VirusTotal. 

How ModStealer Operates

Mosyle revealed that ModStealer is a feature-rich infostealer. It comes loaded with code designed to harvest sensitive data from browser-based wallet extensions. 

Targets include popular extensions on Safari and Chromium-based browsers.

On macOS systems, the malware gains persistence by using Apple’s launchctl tool. 

It registers itself as a background agent and silently monitors activity. On all operating systems, it can capture clipboard data, take screenshots and even execute remote commands.
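One way to review launchd persistence of the kind described above, as an added example that is not from Mosyle's report or the original article. The flagged path patterns are assumed heuristics and the sample job definition is constructed, not a ModStealer artifact.

```python
import plistlib
from pathlib import Path

# Directories launchd reads per-user and system-wide job definitions from.
AGENT_DIRS = ["~/Library/LaunchAgents", "/Library/LaunchAgents", "/Library/LaunchDaemons"]
# Assumed heuristic: locations an installed application rarely runs from.
RISKY_PARTS = ("/tmp/", "/private/tmp/", "/var/tmp/", "/Users/Shared/", "/Downloads/")


def assess_agent(plist_bytes):
    """Return reasons a launchd job definition deserves a manual look."""
    job = plistlib.loads(plist_bytes)  # handles XML and binary plists
    args = job.get("ProgramArguments") or [job.get("Program", "")]
    reasons = []
    for arg in args:
        arg = str(arg)
        if any(part in arg for part in RISKY_PARTS):
            reasons.append(f"runs from a scratch or download location: {arg}")
        if any(seg.startswith(".") and seg not in (".", "..") for seg in arg.split("/")):
            reasons.append(f"hidden path component: {arg}")
    # RunAtLoad alone is normal; report it only as context for an already flagged job.
    if reasons and job.get("RunAtLoad"):
        reasons.append("RunAtLoad is set, so the job starts at every login or boot")
    return reasons


def audit(dirs=AGENT_DIRS):
    """Scan launchd directories; returns {plist path: [reasons]} for flagged jobs."""
    findings = {}
    for d in dirs:
        for path in sorted(Path(d).expanduser().glob("*.plist")):
            try:
                reasons = assess_agent(path.read_bytes())
            except Exception as exc:  # an unreadable or malformed plist is itself notable
                reasons = [f"could not parse: {exc}"]
            if reasons:
                findings[str(path)] = reasons
    return findings


# Constructed sample job definition for illustration only.
SAMPLE = plistlib.dumps({
    "Label": "com.example.updater",
    "ProgramArguments": ["/usr/bin/env", "node", "/Users/Shared/.cache/task.js"],
    "RunAtLoad": True,
})

if __name__ == "__main__":
    for path, reasons in audit().items():
        print(path, *reasons, sep="\n  - ")
```

A flagged entry is a prompt for manual review, not a verdict; legitimate software can also match these patterns.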

Researchers traced the malware’s server to Finland, although the infrastructure appears to be routed through Germany.

Fake Job Ads Fuel Malware Distribution

The malware is spreading through fake job recruitment ads. Cybercriminals disguise themselves as recruiters offering technical assessments or test tasks. 

Developers who download these files unknowingly install ModStealer and give attackers access to sensitive data.

This tactic has become increasingly common in Web3 communities. Hacken’s Stephen Ajayi, a technical lead in blockchain security, warned that fake test assignments are now a standard tool for attackers.

He advised handling assignments only in disposable virtual machines that contain no wallets, SSH keys, or password managers.

Advice From Security Experts

Ajayi stressed that users must separate their work and wallet environments. He recommended using a “dev box” for development and a “wallet box” for storing digital assets. 

This compartmentalisation reduces the chance of wallet compromise.

He also pointed out the importance of wallet hygiene. Hardware wallets, offline storage of seed phrases and careful confirmation of wallet addresses are all great strategies for reducing exposure.

Malware-as-a-Service Adds Scale

Researchers believe ModStealer is part of a growing Malware-as-a-Service (MaaS) market. 

Criminals package malware for resale to affiliates, who can then deploy it without technical expertise. This model allows for quick scaling of attacks.

Mosyle noted that ModStealer reflects a wider trend in Mac malware. Infostealers now dominate threats targeting Apple systems, with Jamf reporting a 28% rise this year.

Wider Threats to Crypto Users

The risks extend beyond ModStealer. A recent case showed how phishing remains one of the most damaging attack methods.

Blockchain analytics firm Lookonchain reported that an investor lost $3.05 million in Tether (USDT) after unknowingly approving a malicious transaction.

The investor only checked the first and last few characters of a wallet address. Attackers exploited that habit to redirect funds.
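The habit described above can be caught in software by comparing the whole address against a trusted address book. The following is an added example, not code from the article or from any wallet; the addresses are constructed, and treating `0x`-prefixed addresses as case-insensitive is an assumption.

```python
def _body(addr):
    """Normalise an address for comparison (assumption: 0x hex is case-insensitive)."""
    addr = addr.strip()
    return addr[2:].lower() if addr[:2].lower() == "0x" else addr


def classify_destination(candidate, trusted, edge=4):
    """Compare a destination against an address book of {label: address}.

    Returns (verdict, label, differing_positions) where verdict is
    'exact', 'lookalike' (same first/last `edge` characters, different middle)
    or 'unknown'.
    """
    cand = _body(candidate)
    for label, addr in trusted.items():
        if _body(addr) == cand:
            return "exact", label, []
    for label, addr in trusted.items():
        known = _body(addr)
        if (len(known) == len(cand) and known[:edge] == cand[:edge]
                and known[-edge:] == cand[-edge:]):
            # Same visible ends, different middle: what an eyeball check misses.
            diff = [i for i, (a, b) in enumerate(zip(known, cand)) if a != b]
            return "lookalike", label, diff
    return "unknown", None, []


# Constructed addresses, not real wallets.
TRUSTED = {"exchange-deposit": "0xA1b2" + "0" * 32 + "C3d4"}
POISONED = "0xa1b2" + "f" * 32 + "c3d4"

if __name__ == "__main__":
    print(classify_destination(TRUSTED["exchange-deposit"], TRUSTED))
    print(classify_destination(POISONED, TRUSTED))
```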

According to security firm CertiK, crypto users lost more than $2.2 billion to hacks, scams, and breaches in the first half of the year. 

Wallet hacks alone accounted for $1.7 billion across just 34 incidents. Phishing scams added over $410 million across 132 attacks.

 
