• bitcoinBitcoin (BTC) $ 67,858.00
  • ethereumEthereum (ETH) $ 1,982.97
  • tetherTether (USDT) $ 0.999997
  • bnbBNB (BNB) $ 628.00
  • xrpXRP (XRP) $ 1.37
  • usd-coinUSDC (USDC) $ 0.999905
  • solanaSolana (SOL) $ 84.22
  • tronTRON (TRX) $ 0.283648
  • staked-etherLido Staked Ether (STETH) $ 2,265.05
  • figure-helocFigure Heloc (FIGR_HELOC) $ 1.02
  • dogecoinDogecoin (DOGE) $ 0.090582
  • whitebitWhiteBIT Coin (WBT) $ 54.29
  • usdsUSDS (USDS) $ 0.999912
  • cardanoCardano (ADA) $ 0.258296
  • bitcoin-cashBitcoin Cash (BCH) $ 448.90
  • wrapped-stethWrapped stETH (WSTETH) $ 2,779.67
  • leo-tokenLEO Token (LEO) $ 9.06
  • hyperliquidHyperliquid (HYPE) $ 30.49
  • wrapped-bitcoinWrapped Bitcoin (WBTC) $ 76,243.00
  • moneroMonero (XMR) $ 351.22
  • binance-bridged-usdt-bnb-smart-chainBinance Bridged USDT (BNB Smart Chain) (BSC-USD) $ 0.998762
  • chainlinkChainlink (LINK) $ 8.80
  • wrapped-beacon-ethWrapped Beacon ETH (WBETH) $ 2,466.93
  • ethena-usdeEthena USDe (USDE) $ 0.999257
  • canton-networkCanton (CC) $ 0.153442
  • stellarStellar (XLM) $ 0.151856
  • wrapped-eethWrapped eETH (WEETH) $ 2,465.31
  • usd1-wlfiUSD1 (USD1) $ 0.999408
  • rainRain (RAIN) $ 0.009092
  • susdssUSDS (SUSDS) $ 1.08
  • daiDai (DAI) $ 0.999831
  • hedera-hashgraphHedera (HBAR) $ 0.096555
  • paypal-usdPayPal USD (PYUSD) $ 0.999913
  • coinbase-wrapped-btcCoinbase Wrapped BTC (CBBTC) $ 76,366.00
  • litecoinLitecoin (LTC) $ 53.95
  • avalanche-2Avalanche (AVAX) $ 9.02
  • suiSui (SUI) $ 0.902740
  • wethWETH (WETH) $ 2,268.37
  • zcashZcash (ZEC) $ 207.75
  • the-open-networkToncoin (TON) $ 1.34
  • shiba-inuShiba Inu (SHIB) $ 0.000005
  • usdt0USDT0 (USDT0) $ 0.998824
  • crypto-com-chainCronos (CRO) $ 0.075123
  • tether-goldTether Gold (XAUT) $ 5,143.54
  • world-liberty-financialWorld Liberty Financial (WLFI) $ 0.098611
  • memecoreMemeCore (M) $ 1.51
  • pax-goldPAX Gold (PAXG) $ 5,181.01
  • polkadotPolkadot (DOT) $ 1.50
  • uniswapUniswap (UNI) $ 3.83
  • ethena-staked-usdeEthena Staked USDe (SUSDE) $ 1.22
  • mantleMantle (MNT) $ 0.680449
  • pi-networkPi Network (PI) $ 0.223683
  • okbOKB (OKB) $ 102.26
  • hashnote-usycCircle USYC (USYC) $ 1.12
  • blackrock-usd-institutional-digital-liquidity-fundBlackRock USD Institutional Digital Liquidity Fund (BUIDL) $ 1.00
  • falcon-financeFalcon USD (USDF) $ 0.997471
  • aster-2Aster (ASTER) $ 0.695702
  • bittensorBittensor (TAO) $ 177.77
  • global-dollarGlobal Dollar (USDG) $ 0.999996
  • aaveAave (AAVE) $ 110.38
  • skySky (SKY) $ 0.070087
  • syrupusdcsyrupUSDC (SYRUPUSDC) $ 1.15
  • ripple-usdRipple USD (RLUSD) $ 0.999987
  • nearNEAR Protocol (NEAR) $ 1.22
  • bitget-tokenBitget Token (BGB) $ 2.17
  • htx-daoHTX DAO (HTX) $ 0.000002
  • pepePepe (PEPE) $ 0.000003
  • internet-computerInternet Computer (ICP) $ 2.47
  • bfusdBFUSD (BFUSD) $ 0.999301
  • ethereum-classicEthereum Classic (ETC) $ 8.19
  • ondo-financeOndo (ONDO) $ 0.252284
  • gatechain-tokenGate (GT) $ 7.03
  • worldcoin-wldWorldcoin (WLD) $ 0.387176
  • pump-funPump.fun (PUMP) $ 0.001866
  • superstate-short-duration-us-government-securities-fund-ustbSuperstate Short Duration U.S. Government Securities Fund (USTB) (USTB) $ 11.01
  • polygon-ecosystem-tokenPOL (ex-MATIC) (POL) $ 0.098099
  • kucoin-sharesKuCoin (KCS) $ 7.80
  • jupiter-perpetuals-liquidity-provider-tokenJupiter Perpetuals Liquidity Provider Token (JLP) $ 4.00
  • morphoMorpho (MORPHO) $ 1.81
  • midnight-3Midnight (NIGHT) $ 0.058235
  • ondo-us-dollar-yieldOndo US Dollar Yield (USDY) $ 1.12
  • cosmosCosmos Hub (ATOM) $ 1.82
  • jito-staked-solJito Staked SOL (JITOSOL) $ 124.46
  • eutblSpiko EU T-Bills Money Market Fund (EUTBL) $ 1.22
  • nexoNEXO (NEXO) $ 0.866610
  • kelp-dao-restaked-ethKelp DAO Restaked ETH (RSETH) $ 2,404.69
  • ethenaEthena (ENA) $ 0.101649
  • usdtbUSDtb (USDTB) $ 0.999348
  • binance-peg-wethBinance-Peg WETH (WETH) $ 2,262.26
  • kaspaKaspa (KAS) $ 0.029918
  • rocket-pool-ethRocket Pool ETH (RETH) $ 2,631.35
  • flare-networksFlare (FLR) $ 0.008887
  • ousgOUSG (OUSG) $ 114.50
  • binance-bridged-usdc-bnb-smart-chainBinance Bridged USDC (BNB Smart Chain) (USDC) $ 0.999945
  • algorandAlgorand (ALGO) $ 0.084437
  • janus-henderson-anemoy-aaa-clo-fundJanus Henderson Anemoy AAA CLO Fund (JAAA) $ 1.03
  • wbnbWrapped BNB (WBNB) $ 759.61
  • aptosAptos (APT) $ 0.953967
  • ignition-fbtcFunction FBTC (FBTC) $ 76,389.00
  • hash-2Provenance Blockchain (HASH) $ 0.013386
  • filecoinFilecoin (FIL) $ 0.972199
  • official-trumpOfficial Trump (TRUMP) $ 3.10
  • usddUSDD (USDD) $ 1.00
  • render-tokenRender (RENDER) $ 1.35
  • syrupusdtsyrupUSDT (SYRUPUSDT) $ 1.11
  • xdce-crowd-saleXDC Network (XDC) $ 0.033124
  • jupiter-exchange-solanaJupiter (JUP) $ 0.175400
  • beldexBeldex (BDX) $ 0.079952
  • binance-staked-solBinance Staked SOL (BNSOL) $ 108.24
  • vechainVeChain (VET) $ 0.007053
  • yldsYLDS (YLDS) $ 0.999909
  • stable-2​​Stable (STABLE) $ 0.028818
  • arbitrumArbitrum (ARB) $ 0.099152
  • janus-henderson-anemoy-treasury-fundJanus Henderson Anemoy Treasury Fund (JTRSY) $ 1.10
  • ghoGHO (GHO) $ 1.00
  • bridged-usdc-polygon-pos-bridgePolygon Bridged USDC (Polygon PoS) (USDC.E) $ 0.999720
  • usual-usdUsual USD (USD0) $ 0.998379
  • solv-btcSolv Protocol BTC (SOLVBTC) $ 76,461.00
  • bonkBonk (BONK) $ 0.000006
  • lombard-staked-btcLombard Staked BTC (LBTC) $ 76,491.00
  • decredDecred (DCR) $ 28.84
  • a7a5A7A5 (A7A5) $ 0.012660
  • true-usdTrueUSD (TUSD) $ 0.999465
  • clbtcclBTC (CLBTC) $ 76,920.00
  • kite-2Kite (KITE) $ 0.270593
  • blockstackStacks (STX) $ 0.260049
  • fasttokenFasttoken (FTN) $ 1.09
  • euro-coinEURC (EURC) $ 1.16
  • virtual-protocolVirtuals Protocol (VIRTUAL) $ 0.679902
  • sei-networkSei (SEI) $ 0.065924
  • stakewise-v3-osethStakeWise Staked ETH (OSETH) $ 2,419.84
  • pancakeswap-tokenPancakeSwap (CAKE) $ 1.34
  • justJUST (JST) $ 0.048834
  • kinetic-staked-hypeKinetiq Staked HYPE (KHYPE) $ 33.97
  • tbtctBTC (TBTC) $ 70,942.00
  • pudgy-penguinsPudgy Penguins (PENGU) $ 0.006775
  • kinesis-goldKinesis Gold (KAU) $ 175.32
  • wrappedm-by-m0WrappedM by M0 (WM) $ 1.00
  • dashDash (DASH) $ 32.51
  • tezosTezos (XTZ) $ 0.370366
  • ether-fiEther.fi (ETHFI) $ 0.527673
  • usdaiUSDai (USDAI) $ 0.999677
  • layerzeroLayerZero (ZRO) $ 1.91
  • c8ntinuumc8ntinuum (CTM) $ 0.087592
  • first-digital-usdFirst Digital USD (FDUSD) $ 0.999204
  • chilizChiliz (CHZ) $ 0.035852
  • mantle-staked-etherMantle Staked Ether (METH) $ 2,455.82
  • pippinpippin (PIPPIN) $ 0.362452
  • usxUSX (USX) $ 0.999469
  • polygon-pos-bridged-dai-polygon-posPolygon PoS Bridged DAI (Polygon POS) (DAI) $ 0.999983
  • curve-dao-tokenCurve DAO (CRV) $ 0.240562
  • resolv-wstusrResolv wstUSR (WSTUSR) $ 1.13
  • gnosisGnosis (GNO) $ 125.45
  • cocaCOCA (COCA) $ 1.30
  • apenftAINFT (NFT) $ 0.00000033
  • fetch-aiArtificial Superintelligence Alliance (FET) $ 0.144586
  • bittorrentBitTorrent (BTT) $ 0.00000033
  • liquid-staked-ethereumLiquid Staked ETH (LSETH) $ 2,406.26
  • hastra-primePRIME (PRIME) $ 1.02
  • arbitrum-bridged-wbtc-arbitrum-oneArbitrum Bridged WBTC (Arbitrum One) (WBTC) $ 76,200.00
  • kaiaKaia (KAIA) $ 0.053259
  • sun-tokenSun Token (SUN) $ 0.015987
  • aerodrome-financeAerodrome Finance (AERO) $ 0.331481
  • humanityHumanity (H) $ 0.167079
  • wrapped-flareWrapped Flare (WFLR) $ 0.009961
  • adi-tokenADI (ADI) $ 3.13
  • l2-standard-bridged-weth-baseL2 Standard Bridged WETH (Base) (WETH) $ 2,266.86
  • siren-2Siren (SIREN) $ 0.407379
  • steakhouse-usdc-morpho-vaultSteakhouse USDC Morpho Vault (STEAKUSDC) $ 1.12
  • spx6900SPX6900 (SPX) $ 0.316024
  • story-2Story (IP) $ 0.830012
  • celestiaCelestia (TIA) $ 0.326290
  • injective-protocolInjective (INJ) $ 2.88
  • lighterLighter (LIT) $ 1.15
  • binance-peg-xrpBinance-Peg XRP (XRP) $ 1.59
  • bitcoin-svBitcoin SV (BSV) $ 14.06
  • ether-fi-liquid-ethEther.Fi Liquid ETH (LIQUIDETH) $ 2,443.47
  • iotaIOTA (IOTA) $ 0.064527
  • renzo-restaked-ethRenzo Restaked ETH (EZETH) $ 2,421.84
  • riverRiver (RIVER) $ 14.01
  • fraxLegacy Frax Dollar (FRAX) $ 0.988902
  • sbtc-2sBTC (SBTC) $ 77,039.00
  • jasmycoinJasmyCoin (JASMY) $ 0.005524
  • the-graphThe Graph (GRT) $ 0.025410
  • pyth-networkPyth Network (PYTH) $ 0.047125
  • jupiter-staked-solJupiter Staked SOL (JUPSOL) $ 115.56
  • olympusOlympus (OHM) $ 17.22
  • savings-usddSavings USDD (SUSDD) $ 1.03
  • crvusdcrvUSD (CRVUSD) $ 1.00
  • lombard-protocolLombard (BARD) $ 1.20
  • syrupMaple Finance (SYRUP) $ 0.232840
  • msolMarinade Staked SOL (MSOL) $ 133.18
  • flokiFLOKI (FLOKI) $ 0.000028
  • arbitrum-bridged-weth-arbitrum-oneArbitrum Bridged WETH (Arbitrum One) (WETH) $ 2,265.06
  • venice-tokenVenice Token (VVV) $ 6.02
  • btse-tokenBTSE Token (BTSE) $ 1.62
  • doublezeroDoubleZero (2Z) $ 0.074937
  • optimismOptimism (OP) $ 0.119560
  • staked-aaveStaked Aave (STKAAVE) $ 126.65
  • conflux-tokenConflux (CFX) $ 0.048552
Bitcoin

Researchers Uncover Undetectable Malware Draining Crypto Browser Wallets

By admin
0 117

Researchers Uncover Undetectable Malware Draining Crypto Browser Wallets

A new malware strain that can slip past antivirus checks and steal data from crypto wallets on Windows, Linux, and macOS systems was discovered on Thursday.

Dubbed ModStealer, it had remained undetected by major antivirus engines for almost a month at the time of disclosure, with its package being delivered through fake job recruiter ads targeting developers. 

The disclosure was made by security firm Mosyle, according to an initial report from 9to5Mac. Decrypt has reached out to Mosyle to learn more.



Distributing through fake job recruiter ads was an intentional tactic, according to Mosyle, because it was designed to reach developers who were likely already using or had Node.js environments installed.

ModStealer “evades detection by mainstream antivirus solutions and poses significant risks to the broader digital asset ecosystem,” Shān Zhang, chief information security officer at blockchain security firm Slowmist, told Decrypt. “Unlike traditional stealers, ModStealer stands out for its multi-platform support and stealthy ‘zero-detection’ execution chain.”

Once executed, the malware scans for browser-based crypto wallet extensions, system credentials, and digital certificates. 

It then “exfiltrates the data to remote C2 servers,” Zhang explained. A C2, or “Command and Control” server, is a centralized system used by cybercriminals to manage and control compromised devices in a network, acting as the operational hub for malware and cyberattacks.

On Apple hardware running macOS, the malware sets itself up through a “persistence method” to run automatically every time the computer starts by disguising itself as a background helper program. 

The setup keeps it running quietly without the user noticing. Signs of infection include a secret file called “.sysupdater.dat” and connections to a suspicious server, per the disclosure.

“Although common in isolation, these persistence methods combined with strong obfuscation make ModStealer resilient against signature-based security tools,” Zhang said.

The discovery of ModStealer comes on the heels of a related warning from Ledger CTO Charles Guillemet, who disclosed Tuesday that attackers had compromised an NPM developer account and attempted to spread malicious code that could silently replace crypto wallet addresses during transactions, putting funds at risk across multiple blockchains.

Although the attack was detected early and failed, Guillemet later noted that the compromised packages had been hooked to Ethereum, Solana, and other chains.

“If your funds sit in a software wallet or on an exchange, you’re one code execution away from losing everything.” Guillemet tweeted hours after his initial warning.

Asked about the new malware’s possible impact, Zhang warned that ModStealer poses a “direct threat to crypto users and platforms.”

For end-users, “private keys, seed phrases, and exchange API keys may be compromised, resulting in direct asset loss,” Zhang said, adding that for the crypto industry, “mass theft of browser extension wallet data could trigger large-scale on-chain exploits, eroding trust and amplifying supply chain risks.”

Source

admin 18783 posts 0 comments
You might also like More from author

Leave A Reply

Your email address will not be published.