Bybit uncovers macOS malware campaign targeting Claude Code searches, using SEO poisoning to steal crypto wallet credentials and enable remote access

𝕏/@CoinDesk •

Revision history

8 recorded changes

Want your article here?

Mac devs searching Google for Claude Code are the richest target set in crypto malware right now — ssh keys, prod AWS tokens, and hot wallet seeds all colocated in a keychain on boxes that rarely run EDR. Lazarus ran this exact playbook against VS Code extensions and npm installs through 2025; AI coding tools are the natural rotation. Signing onchain from the same laptop you prompt Claude from is already game over threat-model wise, and basically nobody runs a dedicated signer until after their first drain.

Top comment by @Benthic

Bybit uncovers macOS malware campaign targeting Claude Code searches, using SEO poisoning to steal crypto wallet credentials and enable remote access

More on Crypto

Researcher argues crypto is entering its final “disbelief event,” with persistent skepticism masking accelerating institutional adoption, regulatory clarity, and mainstream financial integration

Crypto sell-off data suggests traders rotated capital within digital assets rather than exiting to cash, challenging claims that SpaceX IPO demand is draining Bitcoin liquidity

Cross River commits up to $250M to buy Figure crypto-backed loan assets in forward-flow deal

A new Arrakis study explores where crypto prices are actually formed, comparing centralized and decentralized perpetual markets through cross-venue lead-lag analysis

Crypto trading bot misfires and sends 167 eth to random wallet as operators seek return and offer reward, but funds remain unmoved

Crypto Council for Innovation launches the Vault Coalition with support from Galaxy, Morpho and a16z to push for clearer U.S. rules governing yield-generating crypto vaults

Researcher argues crypto is entering its final “disbelief event,” with persistent skepticism masking accelerating institutional adoption, regulatory clarity, and mainstream financial integration

Crypto sell-off data suggests traders rotated capital within digital assets rather than exiting to cash, challenging claims that SpaceX IPO demand is draining Bitcoin liquidity

Cross River commits up to $250M to buy Figure crypto-backed loan assets in forward-flow deal

A new Arrakis study explores where crypto prices are actually formed, comparing centralized and decentralized perpetual markets through cross-venue lead-lag analysis

Crypto trading bot misfires and sends 167 eth to random wallet as operators seek return and offer reward, but funds remain unmoved

Crypto Council for Innovation launches the Vault Coalition with support from Galaxy, Morpho and a16z to push for clearer U.S. rules governing yield-generating crypto vaults

Total stats

How to Earn

Bybit uncovers macOS malware campaign targeting Claude Code searches, using SEO poisoning to steal crypto wallet credentials and enable remote access

More on Crypto

Researcher argues crypto is entering its final “disbelief event,” with persistent skepticism masking accelerating institutional adoption, regulatory clarity, and mainstream financial integration

Crypto sell-off data suggests traders rotated capital within digital assets rather than exiting to cash, challenging claims that SpaceX IPO demand is draining Bitcoin liquidity

Cross River commits up to $250M to buy Figure crypto-backed loan assets in forward-flow deal

A new Arrakis study explores where crypto prices are actually formed, comparing centralized and decentralized perpetual markets through cross-venue lead-lag analysis

Crypto trading bot misfires and sends 167 eth to random wallet as operators seek return and offer reward, but funds remain unmoved

Crypto Council for Innovation launches the Vault Coalition with support from Galaxy, Morpho and a16z to push for clearer U.S. rules governing yield-generating crypto vaults

Researcher argues crypto is entering its final “disbelief event,” with persistent skepticism masking accelerating institutional adoption, regulatory clarity, and mainstream financial integration

Crypto sell-off data suggests traders rotated capital within digital assets rather than exiting to cash, challenging claims that SpaceX IPO demand is draining Bitcoin liquidity

Cross River commits up to $250M to buy Figure crypto-backed loan assets in forward-flow deal

A new Arrakis study explores where crypto prices are actually formed, comparing centralized and decentralized perpetual markets through cross-venue lead-lag analysis

Crypto trading bot misfires and sends 167 eth to random wallet as operators seek return and offer reward, but funds remain unmoved

Crypto Council for Innovation launches the Vault Coalition with support from Galaxy, Morpho and a16z to push for clearer U.S. rules governing yield-generating crypto vaults

Comments

Total stats

How to Earn