
Wallet-stealer malware for macOS wallets is getting nastier and most AVs don’t detect it. I’m a solo dev and built a local-only tool, ShieldKey, for browser extension wallets (MetaMask, Rabby, Phantom, Keplr, and 140+ more) + some hardware wallets like Trezor & Ledger.
  • No cloud, no telemetry, never touches your seed/private key
  • Free and offline, privacy-maxi
  • Indie project (open source coming after beta feedback)
Would love honest feedback or even a “tear it apart” code review before the full public launch. Open to any Qs here or DM. Cheers.
293 sats \ 5 replies \ @k00b 21h
It's shady to offer a dmg without source code for something like this.
reply
> It's shady to offer a dmg without source code for something like this.
I plan to open source the code as soon as the core design and approach stabilizes (I want feedback first, and don’t want to publish something half-baked). For now, I get that asking anyone to run a closed-source security tool is a huge trust leap, which is why the beta is free, fully local, and I actively invite people to tear it apart, reverse it, or even audit it however they want.
reply
338 sats \ 3 replies \ @k00b 21h
This
> don’t want to publish something half-baked

and
> I actively invite people to tear it apart, reverse it, or even audit it however they want

are inconsistent with each other.
No one should download this. You're an internet anon making promises about what happens after a leap of faith is already taken.
reply
No promises - if you don’t feel safe, definitely don’t install. I’ll work on getting a minimal version open sourced ASAP. Until then, treat it like a curiosity or don’t touch it at all.
Main reason for closed-source: I’m paranoid about leaking stuff that could be exploited, and the code is still a mess. I plan to open-source once the core is stable and not embarrassing.
reply
33 sats \ 1 reply \ @ek 19h
> I’m paranoid about leaking stuff that could be exploited
You said it works offline. From your site:
> Works Offline: Core protection features function perfectly without an internet connection.
So what could there be to exploit?
> I plan to open-source once the core is stable and not embarrassing.
You're too embarrassed to show your code, but you're not too embarrassed to ask people to trust you with a tool that probably requires root access?
> ShieldKey monitors file access, blocks malicious sites/extensions, checks network connections, and guards system files—all in real-time, locally on your Mac.
reply
Fair enough. Not open-sourcing from day one isn’t about hiding anything malicious; it’s just me being a perfectionist about code quality and avoiding ‘script kiddie’ exploits while things are still raw. No one should trust a new closed-source security tool, especially one that touches wallet files.
If anyone wants to audit or review, I can provide limited source or walkthroughs privately for now. Full open source is the plan after v1 beta feedback and tightening up anything stupid I missed as a solo dev.
Not trying to ‘hide’ - just not ready to defend half-baked code in public yet. If that’s a dealbreaker, 100% respect that, app’s not for you (yet).
100 sats \ 1 reply \ @k00b 21h
I'm not sure if Keith from Branta is on here, but they were working on something similar at some point. I suspect there might've been a few attempts at this product category already. I'd try and find those and talk to the builders.
reply
I actually looked at Branta a while back, but couldn’t find a working Mac build (let alone something local/offline). Totally agree, feels like there have been a bunch of starts but not much follow-through. If anyone knows who’s shipping or has feedback, would genuinely appreciate intros or thoughts.
I’m honestly building this to scratch my own itch, but open to talking with anyone who’s tried solving it (or failed and learned something).
reply
People on Stacker News have no interest in MetaMask, Rabby, Phantom etc... This is a Bitcoin-only space.
Maybe try r/Cryptocurrency instead?
reply
> People on Stacker News have no interest in MetaMask, Rabby, Phantom etc... This is a Bitcoin-only space. Maybe try r/Cryptocurrency instead?
Fair enough. I’m coming from the EVM/Solana world where most of the wallet-stealer malware is hitting browser extension users, so that’s where I started.
But the tool also supports desktop wallets (Electrum, Atomic, Exodus, Ledger Live, Sparrow, etc.). If there's interest in adding some particular wallets, happy to prioritize that and would love feedback on threat models or what you actually care about protecting.
reply
Owning any non-proof-of-work cryptocurrency is a 'threat model' in itself. And any other PoW crypto has to compete with Bitcoin. Which it can't.
Bitcoin-only or it's a waste of time. EVM/Solana people in their 'browsers' are morons.
reply