Close Menu
  • Instructions
  • News
    • DeFi
    • Smart Contract
    • Markets
    • Web3
    • Adoption
    • Memecoins
    • Analysis
    • Mining
    • Scams
    • Security
  • Education
    • Learn
    • Wallets & Exchange
  • Documentaries
  • Videos
    • Alessio Rastani
    • Altcoin Buzz
    • Coin Bureau
    • Dapp University
    • DataDash
    • Digital asset News
    • EllioTrades Crypto
    • MMCrypto
    • Lark Davis
    • Ivan on Tech
    • Benjamin Cowen
  • Market
    • Crypto Market Cap
    • Heat Map
    • Converter
    • Metal Prices
    • Stock prices
  • Bonus Books
  • Tools
What's Hot

FTX Plans to Pay Creditors $900 Million as Fifth Distribution Starts on July 31

July 18, 2026

Protocol logic attacks grow as hackers shift from wallet exploits

July 18, 2026

Crypto executives say digital native generations may never need a bank account

July 18, 2026
Facebook X (Twitter) Instagram
Recession Profit AlertsRecession Profit Alerts
  • Instructions
  • News
    • DeFi
    • Smart Contract
    • Markets
    • Web3
    • Adoption
    • Memecoins
    • Analysis
    • Mining
    • Scams
    • Security
  • Education
    • Learn
    • Wallets & Exchange
  • Documentaries
  • Videos
    • Alessio Rastani
    • Altcoin Buzz
    • Coin Bureau
    • Dapp University
    • DataDash
    • Digital asset News
    • EllioTrades Crypto
    • MMCrypto
    • Lark Davis
    • Ivan on Tech
    • Benjamin Cowen
  • Market
    • Crypto Market Cap
    • Heat Map
    • Converter
    • Metal Prices
    • Stock prices
  • Bonus Books
  • Tools
Recession Profit AlertsRecession Profit Alerts
Home»Security»Kaspersky Uncovers One of Most Dangerous Crypto-Stealing Bots for Wallet Owners
Security

Kaspersky Uncovers One of Most Dangerous Crypto-Stealing Bots for Wallet Owners

July 17, 2026No Comments2 Mins Read

Experts from Kaspersky’s Global Research and Analysis Team (GReAT) warn that hundreds of users across 25 countries are at risk of having their assets stolen as the dangerous OkoBot malware framework targeting cryptocurrency owners entered an active phase.

Hackers have completely revised their tactics and are now targeting people who believed they were fully protected, analysts note in a new report.

The malware steals funds by intercepting the functions of the official Ledger Live, Ledger Wallet, and Trezor Suite applications and displaying a fake verification window. To avoid falling for this trick, users are advised to strictly follow three key security rules:

  • Never enter a seed phrase using a PC keyboard
  • Do not execute third-party scripts from the internet
  • Check the system for hidden RDP access

In this campaign, attackers are deliberately targeting IT specialists and software developers. The initial compromise occurs when hackers disguise malware as popular work tools and distribute infected software through GitHub.

Fake Ledger and Trezor recovery windows used by OkoBot hackers to siphon seed phrases, Source: Kaspersky’s GReAT research (July 15 2026)

In particular, researchers have already discovered the malware inside a fake Microsoft SQL Server Management Studio (SSMS) installer.

At the same time, attackers are using sophisticated ClickFix attacks, a social engineering technique in which users are persuaded to copy and run malicious code in a terminal under the pretext of fixing an unexpected browser error.

What comes next: analysts’ forecasts

According to Kaspersky GReAT, since the malware uses a modular structure consisting of more than 20 components, including the Rilide infostealer and the OkoSpyware surveillance module, the geographical reach of the attacks is expected to expand beyond the countries currently reporting the highest number of infections, led by Brazil, Vietnam, Canada, Mexico, and Turkey.

See also  US government alerts banks to IRGC sanctions evasion tactics involving crypto infrastructure

New hidden extensions for Chromium-based browsers, including Chrome and Edge, are also expected to emerge. The malware can completely remove these extensions from the visible list of installed add-ons, leaving users unaware of their presence.

The final stage may involve the large-scale sale of access to victims’ computers. After establishing persistence in a system, OkoBot secretly creates a new administrator account and opens a permanent SSH tunnel for remote control through RDP.

Source link

Bots CryptoStealing Dangerous Kaspersky Owners Uncovers Wallet

Related Posts

Protocol logic attacks grow as hackers shift from wallet exploits

July 18, 2026

India’s Directorate of Enforcement Cracks Down on a Money Laundering Syndicate

July 18, 2026

He Still Has Two Password Guesses Left Before $840 Million Deletes Itself Forever

July 18, 2026

‘Median hack size’ declines despite 3 DeFi exploits in 24 hours – Here’s why!

July 18, 2026
Top Posts

KelpDAO Hack ‘Contagion’ Triggers Worst DeFi Liquidity Crunch Since 2024

April 25, 2026

Balancer DAO Caps Recovery Bounty at 10% After $128M Exploit

February 11, 2026

Air Quality Monitoring System Market Size, Trends, Share, Analysis, Growth and Forecast 2032 | Credence Research

March 8, 2026

Type above and press Enter to search. Press Esc to cancel.