Beware of Modstealer: new invisible malware that steals your crypto without being detected
Security researchers have sounded the alarm about Modstealer, a new invisible malware that threatens to steal cryptocurrency wallet credentials without being detected by antivirus software.
***
- Security experts warn about a new malware that aims to steal cryptocurrencies.
- Modstealer targets wallet extensions and goes undetected by antivirus software.
- It affects Apple, Windows and Linux users.
- It spreads through fake job ads aimed at developers.
In a world where cyber attacks are increasingly frequent, a new threat has emerged that could empty your cryptocurrency savings without you noticing.
It is called Modstealer, a new malware that was recently discovered by Mosyle, a security company specialized in Apple devices, and that is going completely unnoticed by the main antivirus programs.
A recent report from 9to5Mac sounded the alarm about this new malware which, as Mosyle explained exclusively, has been active for almost a month without being detected by the main antivirus programs. That makes it especially dangerous for beginner users who trust basic protection tools.
Modstealer: what it is and how it operates without raising suspicion
Reportedly, Modstealer is designed to function as a “data thief” that focuses on stealing sensitive information, especially from cryptocurrency wallets.
Think of a digital wallet as something similar to an online bank account where you keep digital currencies such as Bitcoin. This malware looks for “private keys” (secret codes that give access to your funds) and other configuration details such as user credentials or security certificates, in order to access and empty the cryptocurrency holdings.
To do so, it uses complicated, obfuscated code written in JavaScript, a common programming language on the Internet, which allows it to go unnoticed. Once installed, it can capture what the victim copies to the clipboard (such as passwords), take screenshots and even run remote commands, giving the attacker almost total control of the device.
How does this malware spread? Mainly through fake job ads aimed at software developers. Cyber criminals use these deceptive ads to get victims to download the malicious program without suspecting anything.
Modstealer operates under a model called “Malware-as-a-Service” (MaaS), which works like a rental service for malicious tools: its creators sell it to other criminals, who do not need to be experts to use it. This makes it easier for more malicious actors to take advantage of it, increasing the risk of data theft for everyone.
Aimed at 56 browser wallet extensions
One of the most alarming aspects of Modstealer is its cross-platform scope: the malware affects several operating systems, not only Apple's macOS but also Windows and Linux. On Mac computers, for example, it hides by abusing a legitimate tool called launchctl, which helps run programs automatically, and becomes a “launch agent” that is activated silently and sends stolen data to remote servers, possibly in Finland or Germany, to hide the origin of the attackers.
In particular, it has been reported to target 56 wallet extensions in web browsers, including Safari, extracting valuable information that would give attackers access to cryptocurrency balances.
The impact of this malware is worrying. Although no specific victims of Modstealer have been reported so far, it is part of a growing wave of similar threats. At the beginning of the year, Jamf reported a 28% increase in infostealer malware, a type of malicious software designed to infiltrate computers, cell phones or other devices and steal sensitive data without being detected, especially among Mac users, as 9to5Mac recalls.
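As an added example (not code from Mosyle, 9to5Mac or this article), the Python below audits launchd job definitions for the kind of silent launch-agent persistence described above. The heuristics, the sample plists and every name in it are assumptions made for illustration; none of them are published Modstealer indicators.

```python
import plistlib
from pathlib import Path

# Heuristics and samples are assumptions for this example, not indicators from the report.
INTERPRETERS = {"node", "osascript", "python3", "sh", "bash", "zsh", "curl"}
SYSTEM_PREFIXES = ("/System/", "/usr/bin/", "/usr/sbin/", "/usr/libexec/", "/bin/", "/sbin/")
TEMP_PREFIXES = ("/tmp/", "/private/tmp/", "/Users/Shared/")
LAUNCHD_DIRS = ("~/Library/LaunchAgents", "/Library/LaunchAgents", "/Library/LaunchDaemons")

def audit_plist(raw):
    """Return the reasons one launchd job definition deserves a manual look."""
    try:
        job = plistlib.loads(raw)
        args = [str(a) for a in (job.get("ProgramArguments") or [job.get("Program")]) if a]
        exe, reasons = args[0], []
    except Exception:
        return ["unparseable or empty job definition"]
    if Path(exe).name in INTERPRETERS:
        reasons.append("runs a script interpreter: " + " ".join(args))
    for arg in args:  # installed software rarely lives in hidden or temp directories
        if arg.startswith(TEMP_PREFIXES) or any(p.startswith(".") for p in Path(arg).parts):
            reasons.append("references a hidden or temporary path: " + arg)
            break
    label = str(job.get("Label", ""))
    if label.startswith("com.apple.") and not exe.startswith(SYSTEM_PREFIXES):
        reasons.append(f"Apple-style label {label!r} on non-system binary {exe}")
    if reasons and (job.get("RunAtLoad") or job.get("KeepAlive")):
        reasons.append("starts automatically (RunAtLoad/KeepAlive)")
    return reasons

def audit_all(plists):
    """plists maps file name -> raw plist bytes; returns {name: reasons} for flagged jobs."""
    return {name: r for name, raw in plists.items() if (r := audit_plist(raw))}

def load_from_disk():
    """Read every plist in the standard macOS launchd directories (empty elsewhere)."""
    return {str(p): p.read_bytes() for d in LAUNCHD_DIRS
            for p in Path(d).expanduser().glob("*.plist")}

SAMPLES = {  # constructed jobs: an ordinary updater and one that trips the heuristics
    "com.example.updater.plist": plistlib.dumps({
        "Label": "com.example.updater", "RunAtLoad": True,
        "ProgramArguments": ["/Applications/Example.app/Contents/MacOS/updater"]}),
    "com.apple.sample-helper.plist": plistlib.dumps({
        "Label": "com.apple.sample-helper", "RunAtLoad": True,
        "ProgramArguments": ["/usr/local/bin/node", "/Users/dev/.cache/helper.js"]})}

if __name__ == "__main__":
    print(audit_all(load_from_disk() or SAMPLES))
```

On a Mac it reads the real launchd directories; anywhere else it falls back to the constructed samples. A flagged job is a prompt for manual review, since legitimate software also uses shell wrappers.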
Recommendations in the face of spreading threats
Experts such as those at Mosyle warn that traditional antivirus tools, which look for “signatures” or known virus patterns, are not enough against threats like this. “For security professionals, developers and end users equally, this serves as a forceful reminder that protections based only on signatures are not enough.”
“Continuous monitoring, behavior-based defenses and emerging threats are essential to stay ahead of adversaries,” Mosyle pointed out.
The alert about Modstealer comes after a recent attack on the npm platform (a repository for programmers), where the attackers managed Ethereum, Solana and others, secretly exchanging the destination addresses.
Ledger's chief technology officer, Charles Guillemet, warned cryptocurrency users and advised them to stop all kinds of on-chain transactions to avoid losses. Despite the danger, he later said that the attack had “fortunately failed”, with data from Arkham suggesting that only USD $1,000 in cryptocurrencies was stolen.
These findings highlight the importance of caution in the digital world and show how malware threats can escalate quickly and affect novice investors who keep their funds in browser extensions.
To protect yourself, avoid clicking on suspicious job ads, keep your software updated and consider using hardware wallets instead of browser extensions. If you suspect an infection, check your device with advanced monitoring tools. Keep in mind that if you use online wallets, your cryptocurrencies could be at risk without you knowing it.
Article written with the help of AI, edited by Diariobitcoin
Image of Depositphotos
