#bip39 — Public Fediverse posts

“Say My Name”: How MioLab is building MacOS Stealer Empire

MioLab, also known as Nova, is a sophisticated Malware-as-a-Service platform targeting macOS environments, heavily advertised on Russian-speaking underground forums. The platform features extensive data exfiltration capabilities, including browser credential theft, cryptocurrency wallet targeting (supporting over 200 browser extensions and 50+ desktop wallets), and a premium module specifically designed to compromise Ledger and Trezor hardware wallets by intercepting 24-word BIP39 recovery seed phrases. The lightweight C-based payload supports both Intel and Apple Silicon architectures across macOS versions from Sierra to Tahoe. MioLab employs sophisticated social engineering through customizable DMG builders with live preview features, fake system prompts, and ClickFix integration. Recent updates demonstrate rapid development, including Safari cookie grabbing, automated Apple Notes decryption, and universal hardware wallet modules. The operation utilizes bulletproof hosting services and shares infrastruct...

Pulse ID: 69f3653e884ec7a430371ba3
Pulse Link: https://otx.alienvault.com/pulse/69f3653e884ec7a430371ba3
Pulse Author: AlienVault
Created: 2026-04-30 14:20:46

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#BIP39 #Browser #CyberSecurity #Edge #InfoSec #Mac #MacOS #Malware #MalwareAsAService #OTX #OpenThreatExchange #RAT #RCE #Russia #Safari #SocialEngineering #Word #bot #cryptocurrency #AlienVault

12 слов вместо номера телефона: как мы сделали мессенджер невидимым для файрволов

BIP39 вместо номера телефона, ECDH P-256 + AES-256-GCM, non-extractable CryptoKey, трафик неотличимый от HTTPS. Как это устроено, что сломалось в процессе и почему некоторые решения были болезненными.

https://habr.com/ru/articles/1016900/

#e2ee #мессенджер #шифрование #bip39 #web_crypto_api #pwa #seed_phrase #приватность #dpi #typescript

Missing words in a seed phrase: How many are recoverable? - Remembering and deliberately missing a few words from a seed phrase back... - https://cointelegraph.com/news/private-key-missing-words-recoverable #bitcoinimprovementproposal39 #hardwarewallet #selfcustody #privatekeys #computation #seedphrase #custody #chatgpt #wallet #bip39 #hacks

Missing words in a seed phrase: How many are recoverable? - Remembering and deliberately missing a few words from a seed phrase back... - https://cointelegraph.com/news/private-key-missing-words-recoverable #bitcoinimprovementproposal39 #hardwarewallet #selfcustody #privatekeys #computation #seedphrase #custody #chatgpt #wallet #bip39 #hacks

Missing words in a seed phrase: How many are recoverable? - Remembering and deliberately missing a few words from a seed phrase back... - https://cointelegraph.com/news/private-key-missing-words-recoverable #bitcoinimprovementproposal39 #hardwarewallet #selfcustody #privatekeys #computation #seedphrase #custody #chatgpt #wallet #bip39 #hacks

Missing words in a seed phrase: How many are recoverable? - Remembering and deliberately missing a few words from a seed phrase back... - https://cointelegraph.com/news/private-key-missing-words-recoverable #bitcoinimprovementproposal39 #hardwarewallet #selfcustody #privatekeys #computation #seedphrase #custody #chatgpt #wallet #bip39 #hacks

After further research I've learned that #seedphrases contain some redundancy so that a user can get a few letters wrong and still use the phrase.

Also, a single #seedphrase can code for multiple private keys so you can have multiple addresses with one SP.

However, seedphrases generated by some wallets won't be compatible with other ones.

There's a standard called #BIP39 and some common word lists that wallets can adhere to for compatibility.

#bitcoin #btc #crypto #cryptocurrency