Antivirus-proof crypto stealer targets Mac, Windows, and Linux users

Published: 12 September 2025
Last updated: 12 September 2025
linux logo windows apple bitcoin malware shield bubble
Image by Cybernews.

It seems that antivirus developers will need to ramp up their efforts. Researchers have discovered new malware that went undetected by top antivirus programs across all major operating systems.

Apple device management and security company Mosyle shared its findings about ModStealer with 9to5Mac, noting that the malware is being distributed through social engineering campaigns, where criminals use fake job ads targeting developers.

ModStealer targets 56 browser-based crypto wallets, attempting to extract private keys and other sensitive information that would grant criminals access to victims’ funds. Moreover, according to the report, the malware can capture clipboard data, take screenshots, and execute code remotely, giving attackers near-total control over a compromised device, all while bypassing signature-based detection.

ADVERTISEMENT

Meanwhile, in August 2025, Mosyle also identified a new Mac malware strain, dubbed JSCoreRunner, which similarly evaded all detections on VirusTotal, a platform designed to flag malware and malicious content.

Cybersecurity firm SentinelOne recently noted that while malware distributed through browser plugins and pop-up adware is relatively easy to detect, threat actors continue to evolve.

malware spotted magnifying glass easy to detect bug
Image by Cybernews.

“Modern [endpoint detection and response] toolsets, while still maintaining traditional antivirus protections, integrate the advantages of [next-generation antivirus] by monitoring system behavior to identify potential attacks that may not be caught by signature-based scanning,” the firm said, adding that AI-powered solutions help expedite response operations significantly.

justinasv Niamh Ancell BW vilius Izabelė Pukėnaitė
Don’t miss our latest stories on Google News
Google News Follow us

According to the company, natural language queries now allow security teams to be more efficient and effective, enabling investigations without requiring expertise in query languages.

“Today, we have fully funded threat operations, state-backed and organized like standard businesses. This operationalization of cybercrime has ushered in an era of threats with focused agendas and more tangible impacts on business,” SentinelOne concluded.

Unlock more exclusive Cybernews content on YouTube.

ADVERTISEMENT

Share
Post
Share
Share
Share
More from Cybernews
Companies using Fable 5 beware: it’s collecting your data, and there are no exceptions
World’s leading mathematicians ridicule AI hype in high-IQ declaration
Democrats are far more worried than Republicans that AI will take jobs, new poll finds
Europe’s tech revolution feels like Soviet déjà vu
New York demands advertisers use “synthetic performer” label or else
The surprising way Elon Musk is powering your next holiday flight
ADVERTISEMENT