Malware OkoBot Steals Crypto Wallet Seed Phrases
2026-07-18 10:44
Odaily Odaily Planet Daily News According to monitoring by Kaspersky security researchers, the new malware OkoBot steals crypto wallet seed phrases and credentials through approximately 20 modules. Attackers use ClickFix social engineering techniques to trick users into running malicious commands and distribute the malware via GitHub repositories disguised as legitimate tools like SQL Server Management Studio. OkoBot's modules include SeedHunter, which injects into hardware wallets such as Trezor and Ledger, displaying a fake interface when recovering seed phrases; MC Keylogger, which records keyboard and clipboard activity; and OkoSpyware, which tracks wallet passwords and records videos of windows.
