Rankiteo Logo
Rankiteo
Leader in Cyber Underwriting
Loading...
NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop
WindowsmacOSLinux
Download
Exodus

Exodus Vendor Cyber Rating & Cyber Score

exodus.com

Exodus is a secure user-friendly crypto wallet where you can store, manage and swap all of your blockchain assets in one place. We are a one hundred percent remote company with people working for us across 44+ countries. We offer our team location autonomy and the option to choose their own hours. Come join us help half of the world exit the traditional financial system!


Exodus A.I CyberSecurity Scoring

Exodus
Company Information
Website:https://www.exodus.com
Employees number:285
Number of followers:16,291
NAICS:52
Industry Type:Financial Services
Homepage:exodus.com
Exodus Risk Score (AI oriented)
Between 700 and 749
logo
ExodusFinancial Services
Updated:
16/07/2026
736/1000
Moderate
Ba
AaaAaABaaBaBCaaCaC
Powered by our proprietary A.I cyber incident model
Insurance prefers TPRM score to calculate premium
Exodus Global Score (TPRM)
xxxx
logo
ExodusFinancial Services
•••
Score locked
Instant access to detailed risk factors
Vulnerabilities
Benchmark vs. industry & size peers
Findings

Exodus
ExodusModerate
Current Score
736Ba (MODERATE)
01000
1 incidents
-21 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
735Before Incident
JUNE 2026
756Before Incident
Cyber Attack
01 Jun 2026Exodus
Electrum, Exodus, Ledger and Trezor: Hackers Pair Stolen Wallet Databases With Keychain Passwords for Offline Crypto Theft

New macOS Infostealer Targets Cryptocurrency Wallets with Offline Attack Chain

735After Incident
CRITICAL-21
ELEEXOLEDTRE1784199019
New macOS Infostealer Targets Cryptocurrency Wallets with Offline Attack Chain Security researchers at SlowMist have uncovered a sophisticated macOS-focused infostealer designed to harvest credentials, wallet databases, and session data for offline cryptocurrency theft. Detected by the MistEye monitoring system, the malware casts a wide net, extracting sensitive information from Apple Keychain, Safari and Chromium browsers, Telegram Desktop, Apple Notes, and multiple wallet applications including Electrum, Exodus, Atomic, Wasabi, Monero, Bitcoin Core, Ledger Live, and Trezor Suite. The malware’s primary threat lies in its ability to pair stolen wallet databases with potential unlocking material, such as passwords from Keychain or browser stores. While most wallet apps encrypt data locally, attackers can test harvested credentials against exfiltrated wallet files in an isolated environment, bypassing the limitations of online password-guessing attacks. SlowMist demonstrated this by successfully decrypting Atomic Wallet data using a password obtained from the victim’s Keychain. Once a wallet’s recovery phrase or private key is extracted, simply reinstalling the app or changing its password offers no protection. The malware also employs social engineering tactics, including a fake "Google API Connector" update prompt to capture the victim’s macOS password. It validates credentials using the `dscl` authentication utility, ensuring attackers obtain the correct login details. Additionally, it targets Chrome Safe Storage secrets from Keychain, which can decrypt stored browser logins and cookies. Telegram users face a separate risk: the stealer copies the `tdata` directory, containing encryption keys and session state. In lab tests, restoring these files on a compatible Mac immediately granted access to the victim’s account without requiring SMS codes or two-factor authentication effectively hijacking an active session. Stolen `tdata` artifacts could also be converted into programmable Telegram API sessions, enabling full chat access. For Ledger Live and Trezor Suite users, the malware deploys phishing pages disguised as legitimate wallet applications. After removing the real software, it installs lookalike WebView loaders that connect to attacker-controlled sites, tricking victims into entering recovery phrases or PINs under the guise of trusted desktop apps. The campaign highlights how infostealers exploit the interplay between credentials, encrypted local stores, and user trust. While a stolen wallet database alone may be secure, pairing it with Keychain secrets and reused passwords creates a portable target for offline decryption. Indicators of compromise (IOCs) include malicious domains and IP addresses linked to the phishing infrastructure.
INCIDENT DETAILS -
TYPE
Infostealer Malware
MOTIVATION
Financial Gain
IMPACT
CredentialsWallet DatabasesSession DataEncryption KeysRecovery PhrasesPrivate KeysBrowser LoginsCookiesmacOSIdentity Theft Risk: HighPayment Information Risk: High
DATA BREACH
CredentialsWallet DatabasesSession DataEncryption KeysRecovery PhrasesPrivate KeysBrowser LoginsCookiesSensitivity Of Data: HighLocal Wallet EncryptionChrome Safe StorageWallet DatabasesKeychain DataBrowser DataTelegram `tdata` DirectoryApple NotesRecovery PhrasesPrivate KeysBrowser LoginsCookies
MAY 2026
756Before Incident
APRIL 2026
756Before Incident
MARCH 2026
755Before Incident
FEBRUARY 2026
755Before Incident
JANUARY 2026
755Before Incident
DECEMBER 2025
755Before Incident
NOVEMBER 2025
755Before Incident
OCTOBER 2025
755Before Incident
SEPTEMBER 2025
755Before Incident
AUGUST 2025
755Before Incident

Frequently Asked Questions

?
What is the current A.I Rankiteo Cyber Score for Exodus ?
?
What was Exodus's A.I Rankiteo Cyber Score in June 2026 ?
?
What was Exodus's A.I Rankiteo Cyber Score in May 2026 ?
?
What was Exodus's A.I Rankiteo Cyber Score in April 2026 ?
?
What was Exodus's A.I Rankiteo Cyber Score in March 2026 ?
?
What was Exodus's A.I Rankiteo Cyber Score in February 2026 ?
?
What was Exodus's A.I Rankiteo Cyber Score in January 2026 ?
?
What was Exodus's A.I Rankiteo Cyber Score in December 2025 ?
?
What was Exodus's A.I Rankiteo Cyber Score in November 2025 ?
?
What was Exodus's A.I Rankiteo Cyber Score in October 2025 ?
?
What was Exodus's A.I Rankiteo Cyber Score in September 2025 ?
?
What was Exodus's A.I Rankiteo Cyber Score in August 2025 ?
?
What is the average per-incident point impact on Exodus's A.I Rankiteo Cyber Score over the past 12 months ?
?
Where can I access detailed records of all cyber incidents associated with Exodus ?
?
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ?
?
Where can I view Exodus's profile page on Rankiteo ?
?
How accurate is the A.I Rankiteo Risk Scoring methodology ?