SlowMist: macOS malware-as-a-service platform MioLab is targeting crypto assets and hardware wallets.

CoinFeed reported on April 24th that 23pds, Chief Information Security Officer of SlowMist, published an article on the X platform stating that MioLab is a highly commercialized macOS Malware-as-a-Service (MaaS) platform actively promoted on Russian-language underground forums. It specifically targets cybercrime groups, providing C2 control, API integration, and customized attack capabilities. Its primary objective is the theft of encrypted assets, and it even offers dedicated attack modules targeting hardware wallets such as Ledger and Trezor. Through a lightweight payload combined with a fully functional web backend, attackers can efficiently steal sensitive browser data and encrypted wallet assets, and bypass macOS security protections using highly customized social engineering decoys to achieve more covert long-term control.