Kaspersky security researchers have identified a new malware, OkoBot, which targets cryptocurrency wallets by stealing seed phrases and credentials. The malware operates through approximately 20 modules, including SeedHunter, MC Keylogger, and OkoSpyware, to infiltrate hardware wallets like Trezor and Ledger, record keyboard activity, and track wallet passwords. OkoBot is distributed via GitHub repositories disguised as legitimate tools, using ClickFix social engineering techniques to deceive users.
Active for over a year, OkoBot has primarily affected users in Brazil, Vietnam, Canada, Mexico, and Turkey, while implementing geo-blocking against Russian and CIS IP addresses. Once attackers obtain a seed phrase, they can fully control the victim's crypto assets, making recovery nearly impossible.
Kaspersky Uncovers OkoBot Malware Targeting Crypto Wallets
Disclaimer: The content provided on Phemex News is for informational purposes only. We do not guarantee the quality, accuracy, or completeness of the information sourced from third-party articles. The content on this page does not constitute financial or investment advice. We strongly encourage you to conduct you own research and consult with a qualified financial advisor before making any investment decisions.
