ModStealer: Malware Targeting Crypto Wallets,

[Youngrebel]

"ModStealer is a cross-platform virus designed to steal wallet keys and sensitive data. Antivirus detection is minimal, making it a serious risk for anyone holding digital assets."


Whenever I see such, my mind is in trouble on my bitcoin investment. Because most of us have no extra security measures to protect our assets except the security from the wallet developers.

You can read more on it.

Here

New ModStealer Malware Poses Threat to Crypto Wallets on macOS, Windows and Linux

[Hypnotizer]

"ModStealer is a cross-platform virus designed to steal wallet keys and sensitive data. Antivirus detection is minimal, making it a serious risk for anyone holding digital assets."


Whenever I see such, my mind is in trouble on my bitcoin investment. Because most of us have no extra security measures to protect our assets except the security from the wallet developers.

You can read more on it. New “ModStealer” Malware Targets Crypto Wallets, Evades Antivirus Detection
]New ModStealer Malware Poses Threat to Crypto Wallets on macOS, Windows and Linux

Well, it is completely okay to feel concerned about what  the implication of malware like Modstealer Will do especially in the term of bitcoin investments. With the rising cases of cyber threat attacking digital assets like bitcoin, it is important for all bitcoin holders to prioritize the security and take great measures to protect their investment.

The ability of the malware to pass antivirus detection create a misleading sense of security that can make investors vulnerable. This shows how hackers are developing complicated method to compromise wallets and steal sensitive data.

Awareness like in this case and sharing of experiences help investors safeguard their digital assets like bitcoin if they are updated with news about new methods developed by hacker to compromise wallets.



Your investment need the best protection, take action now and stay updated.

[Youngrebel]

Your investment need the best protection, take action now and stay updated.

The major target is windows, and other Operating Systems, and the best option now to protect our assets is hardware wallets but it is not easy to get hardware wallets in the third world countries mostly my country. And my location nobody sell such device. So we are still solemnly depends on the software wallets of either android app or the desktop software. And we depends on the developers security of the wallets.

[Hypnotizer]

Your investment need the best protection, take action now and stay updated.

The major target is windows, and other Operating Systems, and the best option now to protect our assets is hardware wallets but it is not easy to get hardware wallets in the third world countries mostly my country. And my location nobody sell such device. So we are still solemnly depends on the software wallets of either android app or the desktop software. And we depends on the developers security of the wallets.

You can get a hardware wallet even tho there are No people selling them in your location maybe you can order from the manufacturer and ship it to your location because depending on software wallet is the most risking approach for someone who wants the security of his investment.

[Outhue]

Stealing data is acceptable since you have to run your email account on windows 11 to have full access to your PC this days, this is fair enough but anyone that keeps their recovery seed and private keys on a computer are nothing but stupid people. PC is the home of viruses and you can't be careful enough.

You have to keep your crypto related things out away from your PC, that's why we have separate crypto wallets like Tangem, Ledger and others, I've never liked the idea of running a crypto wallet on my PC, I know it's not safe to do so, it is also very hard to be 100% careful all the time, how can you keep up with this when most times you will be browsing the internet. Get a separate crypto wallet and this problem is done with.

[shield132]

OP you have a wrong link in the text. Your link redirects me to this while the real link should be this.
Btw there is a reason why we have two terms for wallets. We call one wallet a hot wallet and the other a cold wallet. We should never hold more than we can afford to lose in a hot wallet, we should hold our savings in cold wallet, either on a secure computer or on a hardware wallet. I prefer a hardware wallet because it's not expensive, it's very secure and you mostly buy it once and keep it for years.

[Yaunfitda]

OP you have a wrong link in the text. Your link redirects me to this while the real link should be this.
Btw there is a reason why we have two terms for wallets. We call one wallet a hot wallet and the other a cold wallet. We should never hold more than we can afford to lose in a hot wallet, we should hold our savings in cold wallet, either on a secure computer or on a hardware wallet. I prefer a hardware wallet because it's not expensive, it's very secure and you mostly buy it once and keep it for years.

And this is what the article says as well:

“A clear separation between the development environment ‘dev box’ and wallet environment ‘wallet box’ is essential,”

https://cointelegraph.com/news/modstealer-malware-crypto-wallets-fake-job-ads

And if we can buy a hardware wallet or make profits in crypto, then we might as well have a separate machine as well for our daily needs and another one for our crypto thing. It's better to safe that sorry. And this criminals have evolved and using anything that they weaponized, like here, it's a job ads. Sooner or later and with the promise of huge salary, someone will have to let their guards down and didn't think that a simply job application will turn out to be their worst experience as if the machine they installed have their crypto, then the hackers are going to steal with this sophisticated attack.

[SmartGold01]

This shouldn’t be what would put you into frightening because whenever you used the right wallet you would never have fear to lose any of digital assets except you used the wrong wallet on you leave your personal information online where they could easily have access to your data before you could get hacked or phished. The most important thing should be that all your asset is in a noncustodial wallet where only you have access to the wallet than leaving your personal information online where others could likely penetrate it.
After transactions always make sure your system remains of online and has no access to any connectivity or even your hardware wallet should placed where you have access to it.

[Bitcoin_Arena]

OP you have a wrong link in the text. Your link redirects me to this while the real link should be this.
Btw there is a reason why we have two terms for wallets. We call one wallet a hot wallet and the other a cold wallet. We should never hold more than we can afford to lose in a hot wallet, we should hold our savings in cold wallet, either on a secure computer or on a hardware wallet. I prefer a hardware wallet because it's not expensive, it's very secure and you mostly buy it once and keep it for years.

In fact a cold wallet should be in an air gapped device. That way, it eliminated the possibilities of hackers or attackers from gaining access to the funds/Bitcoins.
I think we need more education about air gapped devices or cold wallets to newbies and even old users.

[X-ray]

Whenever I see such, my mind is in trouble on my bitcoin investment. Because most of us have no extra security measures to protect our assets except the security from the wallet developers.

If you're holding for long term, I'd recommend gapped device. Whatever exploit there is if it can't connect to internet those hackers can do nothing and once you connected that wallet to the internet, you can easily create a new one to ensure maximum security.

From what I see, hackers are trying to attack supply chain on NPM package manager and smart contract capable blockchain are the one that's vulnerable. With bitcoin you just need to worry about making your privkey or seed phrase secure.

With those smart contract blockchains, you literally need to see your address spending approval, etc. I think it's still manageable for bitcoin holders.

[tread93]

"ModStealer is a cross-platform virus designed to steal wallet keys and sensitive data. Antivirus detection is minimal, making it a serious risk for anyone holding digital assets."


Whenever I see such, my mind is in trouble on my bitcoin investment. Because most of us have no extra security measures to protect our assets except the security from the wallet developers.

You can read more on it. New “ModStealer” Malware Targets Crypto Wallets, Evades Antivirus Detection
New ModStealer Malware Poses Threat to Crypto Wallets on macOS, Windows and Linux

Something very important to pay attention to. And yet so many people get into crypto and still dont so one thing to prepare themselves and leave themselves vulnerable for hacking into

[shinratensei_]

Just use hardware wallet, but this is also the reason why I've never installed any random apps beside the one in app store, I just can't risk my data being stolen and it's a good security measure.
I'm grateful that iOS can't side load apps (except in EU) and maybe this is also the reason why android is starting to become closed to side loading.

Can never be too paranoid these days when there are malwares everywhere. Even clicking a zoom link provided by those scammer can get your PC infected.

[headingnorth]

ModStealer specifically targets browser extension wallets like Metamask and the millions of shitcoins that rely heavily on them.

The whole shitcoin ecosystem runs on DEXes, Metamask and other browser wallets, etc. In other words, a hacker and malware paradise.

Just stay far away from the shitcoin/altcoin world and you won't have to worry about it.

[aoluain]

OP you have a wrong link in the text. Your link redirects me to this while the real link should be this.
I prefer a hardware wallet because it's not expensive, it's very secure and you mostly buy it once and keep it for years.

And they are very easy to conceal which is an added advantage over a tablet, laptop
or desktop alternatives.

If you have the mindset and conviction to be able to store the private keys safely
you have a good secure Bitcoin storage system.


Malware like in this thread just proves that the scammers havent stopped,
they are constantly evolving in line with security updates. This is a reminder to
check and update our systems and security.

[Satofan44]

While I have nothing against OP in particular, these kinds of threads are getting pointless. It seems that for every news article regarding malware someone is rushing to the forum to open yet another topic about malware. There is so much malware out there that there is no good point in opening a topic for each one. Instead threads should focus on security advice and knowledge. Just because you are aware of this particular malware that won't protect you from getting infected by it or by other malware if you are using the internet wrong, which most people are.

ModStealer specifically targets browser extension wallets like Metamask and the millions of shitcoins that rely heavily on them.

The whole shitcoin ecosystem runs on DEXes, Metamask and other browser wallets, etc. In other words, a hacker and malware paradise.

Just stay far away from the shitcoin/altcoin world and you won't have to worry about it.

You can use Metamask with a hardware wallet like Ledger though, so really I blame primarily the users. Obviously you won't get the fast and snappy experience with this method as you would with the extension wallets. However, security usually has a direct trade off with usability. Still if you really think about how bad the shitcoin world is, you can easily get drained on ETH and many chains even if you use a Ledger with Metamask. All it takes is one bad approval and all your ETH based coins and tokens are gone.  

[yhiaali3]

Yes, I have heard about this dangerous virus targeting crypto wallets. Fortunately, it was discovered early, but who knows how much malware is operating secretly and has yet to be detected?

What's striking about this virus is its ability to interact with multiple systems: macOS, Windows, and Linux. Previously, most viruses targeted Windows systems because their protection was weaker. Today, however, we see viruses evolving to interact with all systems. This is a very dangerous indicator.

[Satofan44]

What's striking about this virus is its ability to interact with multiple systems: macOS, Windows, and Linux. Previously, most viruses targeted Windows systems because their protection was weaker. Today, however, we see viruses evolving to interact with all systems. This is a very dangerous indicator.

Some Linux, never all Linux.  This is a key difference between Linux and the other operating systems. The others are more uniform and putting aside other security considerations this makes them easier to infect by design. Usually malware runs into issues on Linux because the systems tend to be different. The paths are different and the installed libraries are different. Actually it can be fun try to deploy some known malware on a test installation of Linux and investigate all the ways in which it fails to infect the system. Anyhow for this particular case they just mention that it can infect Linux but I could not find information about the detailed flow.

The malware spreads in a clever way. Hackers disguise it as part of fake job ads for developers. Since many developers already use Node.js, the attackers use that setup to trick them into downloading the infected files. Once installed, the malware secretly begins its mission to drain valuable information.
https://www.msn.com/en-us/news/technology/researchers-uncover-stealthy-malware-named-modstealer-draining-crypto-browser-wallets/ar-AA1MpCWK

That's as much as I could find. If someone can find a better investigative source please share it.

[yhiaali3]

~
That's as much as I could find. If someone can find a better investigative source please share it.

I also searched a bit and didn't find any more technical details.
But from what I understood from the article, it all relies primarily on social engineering. Through social engineering, attackers trick victims into installing malicious packages. They then install them manually and grant them all the necessary permissions to run on their systems as if they were legitimate software.

So, the issue is primarily about deceiving users. As long as the virus has been granted the necessary permissions by the user, it should be easy for it to operate secretly in the background.

[Loyang]

To avoid all these attacks, we should use hardware wallets. Because hardware wallets are often outside the internet, due to which it will not be easy to attack hardware wallets. Hardware wallets have advantages as well as disadvantages. For example, they get damaged after being stored for a long time, and there is a possibility of getting damaged in water or fire.

Instead of worrying too much about malware, we need to focus on what we can do to stay safe. Just as malware is created, we have to take steps to protect ourselves from it. We need to do a little research and find out all these aspects and keep our holdings safe.

[nemesis_incarnate]

Imo, these fake job ads surely would look shady from the start for the people long enough browsing the web..