Kaspersky: OkoBot Malware Uses Social Engineering to Steal Crypto Wallet Seed Phrases
AI Market Summary
Kaspersky's report on OkoBot highlights an elevated threat to crypto users, with malware modules designed to steal seed phrases and credentials via ClickFix social engineering and GitHub-hosted fake tools. The ability to spoof hardware wallet recovery flows (e.g., Trezor, Ledger) and capture keystrokes, clipboard data, and screen video increases perceived custody and operational risk, potentially dampening near-term risk appetite across crypto.
Impact level
● Medium
Affected assets
BTC/USDT+0.47%
AI Insight · BTC/USDTAI Insight
▼ Bearish
Trade now
⚠️ AI-generated insights are based on news content and are provided for informational purposes only. They do not constitute investment advice or represent the views of BingX. Investing involves risk. Please trade responsibly.
Odaily Planet Daily reports that Kaspersky researchers have identified a new malware strain, OkoBot, designed to steal cryptocurrency wallet seed phrases and login credentials through roughly 20 separate modules. The operators rely on a ClickFix social-engineering lure to persuade users to run malicious commands, and spread the malware via GitHub repositories that masquerade as legitimate software tools, including SQL Server Management Studio.
Among OkoBot's components is SeedHunter, which injects a spoofed interface when victims attempt to recover seed phrases for hardware wallets such as Trezor and Ledger. Other modules include MC Keylogger, which captures keyboard input and clipboard activity, and OkoSpyware, which monitors wallet passwords and records videos of on-screen windows.