ExchangeDEX+

Buy Crypto Markets Spot FuturesBTC Earn Event Center

The malware, the ModStealer, silently attacks crypto wallets of Windows, Mac, and Linux by bypassing antivirus protection using fake job advertisements. ModStealer is a typical cross-platform malware that harvests crypto assets in browser wallets and presents a novel threat to cryptocurrency users. It has been in operation for almost a month, unnoticed by major antivirus […] The post ModStealer Virus platform-agnostic Invisible Crypto Wallet Thief appeared first on Live Bitcoin News. The malware, the ModStealer, silently attacks crypto wallets of Windows, Mac, and Linux by bypassing antivirus protection using fake job advertisements. ModStealer is a typical cross-platform malware that harvests crypto assets in browser wallets and presents a novel threat to cryptocurrency users. It has been in operation for almost a month, unnoticed by major antivirus […] The post ModStealer Virus platform-agnostic Invisible Crypto Wallet Thief appeared first on Live Bitcoin News.

ModStealer Virus platform-agnostic Invisible Crypto Wallet Thief

Author: LiveBitcoinNews

Source: LiveBitcoinNews

2025/09/13 17:00

CROSS$0.13163+0.50%

LIVE$0.00003967+8.12%

MAJOR$0.11637-4.46%

WALLET$0.00925-4.34%

The malware, the ModStealer, silently attacks crypto wallets of Windows, Mac, and Linux by bypassing antivirus protection using fake job advertisements.

ModStealer is a typical cross-platform malware that harvests crypto assets in browser wallets and presents a novel threat to cryptocurrency users. It has been in operation for almost a month, unnoticed by major antivirus systems.

This malware attacks Windows, macOS, and Linux operating systems and steals private keys and credentials associated with 56 browser wallet extensions, which also includes Safari.

ModStealer is distributed using counterfeit ads as job recruiters. The victims are duped into loading a rogue JavaScript panel coded in NodeJS, which avoids signature-based antivirus detection.

The malware extracts the data, including the keys of the private keys, configuration files, and certificates required to access the crypto wallet, stealthily.

ModStealer’s Dark Arsenal: Clipboard, Screen Capture, Remote Control

In addition to stealing wallets, the malware gets clipboard data and screenshots. Worse still, it provides the attackers with the power of remote code execution, and this could provide complete access to the infected devices.

On Mac OS, the ModStealer continues to operate by posing as a background process through the use of launchctl in Apple, silently watching and stealing data to servers that are thought to be connected to the infrastructure that may be hiding within Europe.

Analysts point out how the business of Malware-as-a-Service (MaaS), in which cybercriminals create advanced malware such as ModStealer and rent it to affiliates with minimal technical expertise, is on the rise.

This type of model increases the scope and influence of malware campaigns against digital assets.

Researchers of Mosyle caution that a signature-based defense is no longer adequate.

Such nefarious malware threats can only be countered by constant behavior surveillance and sophisticated threat detection.

Market Opportunity

CROSS Price(CROSS)

$0.13163

$0.13163$0.13163

+0.39%

USD

CROSS (CROSS) Live Price Chart

Disclaimer: The articles reposted on this site are sourced from public platforms and are provided for informational purposes only. They do not necessarily reflect the views of MEXC. All rights remain with the original authors. If you believe any content infringes on third-party rights, please contact service@support.mexc.com for removal. MEXC makes no guarantees regarding the accuracy, completeness, or timeliness of the content and is not responsible for any actions taken based on the information provided. The content does not constitute financial, legal, or other professional advice, nor should it be considered a recommendation or endorsement by MEXC.