Security researchers at Mosyle have exposed a sophisticated cross-platform malware, dubbed ModStealer, which is actively targeting cryptocurrency browser wallets. The malware operates by bypassing conventional antivirus defenses, enabling it to siphon digital assets undetected from unsuspecting users. ModStealer infiltrates systems through disguised downloads or phishing schemes, then scans for and extracts sensitive wallet data such as seed phrases and private keys stored in browsers. This information is transmitted to remote servers controlled by threat actors, leading to irreversible fund losses. The malware’s architecture allows it to adapt across multiple operating systems, broadening its potential impact. Experts emphasize the critical need for heightened vigilance, recommending hardware wallets for substantial holdings and rigorous verification of software sources. The disclosure underscores persistent vulnerabilities in hot wallet storage and the escalating sophistication of cyber threats targeting digital assets.
