Hackers Target Atomic and Exodus Wallets Through Open-Source Malware
Cybercriminals are stepping up their game, exploiting trusted software tools to infiltrate popular crypto wallets like Atomic and Exodus.
In a recent investigation, cybersecurity firm ReversingLabs uncovered a stealthy malware campaign that uses open-source repositories to distribute infected packages.
The attackers have been slipping malicious code into tools disguised as harmless utilities—such as PDF converters—on the Node Package Manager (NPM) platform. Once unsuspecting users install them, the malware launches a silent, multi-step operation: scanning the system for wallet data, injecting code to hijack clipboard activity, and quietly replacing copied wallet addresses with those controlled by the attackers.
Even after uninstalling the rogue software, traces of the malware often remain. ReversingLabs warns that to fully remove the threat, users may need to wipe and reinstall their wallets from trusted sources.
READ MORE: Is Bitcoin Quietly Positioning Itself to Replace the U.S. Dollar?
The campaign doesn’t stop there. It also collects device information to help attackers refine their methods for future attacks, revealing a high level of sophistication. In a parallel case, Kaspersky reported a similar tactic using SourceForge, where fake Microsoft Office installers concealed both clipboard hijackers and crypto miners.
These incidents point to a disturbing trend: attackers are increasingly abusing open-source platforms to hide malware in tools that developers and users trust. The broader threat to the software supply chain is growing—particularly in crypto, where more than $1.5 billion was lost to hacks and exploits in Q1 2025 alone, including a massive $1.4 billion Bybit breach.
Experts are urging both users and developers to be more cautious than ever—verifying sources, monitoring software behavior, and strengthening cybersecurity measures to stay ahead of evolving threats.
Alexander Stefanov
Reporter at CoinsPress
Alex is an experienced finance journalist and a cryptocurrency and blockchain enthusiast. With over five years of experience covering the industry, he deeply understands the complex and constantly evolving world of digital assets. His insightful and thought-provoking articles provide readers with a clear picture of the latest developments and trends in the market. His passionate approach allows him to break down complex ideas into accessible and insightful content. Follow up on his content to be up to date with the most important trends and topics - stay ahead of the curve with CoinsPress.
