Cybersecurity firm Kaspersky has identified OkoBot, a malware framework active for more than a year, which targets cryptocurrency holders by stealing sensitive information.
The malware captures crypto seed phrases, wallet credentials, browser data, and other private details using over 20 malicious modules. Its distribution relies primarily on social engineering tactics and counterfeit software downloads.
The campaign has affected users across more than 25 countries, posing a global threat to crypto security. The modular design allows OkoBot to adapt and expand its capabilities as it spreads.



