MioLab, a macOS malware-as-a-service platform, is actively targeting crypto assets and hardware wallets, according to SlowMist's Chief Information Security Officer, 23pds. Operating on Russian-language underground forums, MioLab provides cybercriminals with command and control (C2) capabilities, API integration, and customized attack modules. The malware specifically targets hardware wallets like Ledger and Trezor, using lightweight payloads and a sophisticated web backend to steal sensitive browser data and crypto assets. It employs advanced social engineering tactics to bypass macOS security measures, allowing attackers to maintain covert control over infected systems.