Kaspersky Uncovers One of Most Dangerous Crypto-Stealing Bots for Wallet Owners

Kaspersky Uncovers One of Most Dangerous Crypto-Stealing Bots for Wallet Owners

Source: UToday

Published:15:09 UTC

BTC Price:$64433.6

#cybersecurity #cryptotheft #malware

Analysis

Price Impact

Med

The news reports on a sophisticated crypto-stealing bot (okobot) targeting wallet owners. while it doesn't directly target specific cryptocurrencies like bitcoin or ethereum for their underlying technology, it aims to steal assets stored in wallets. this could lead to a general dip in confidence for crypto assets that rely on secure wallet management, potentially affecting major coins like eth and btc, and stablecoins like usdt if users become fearful of holding any crypto.

Trustworthiness

High

Price Direction

Bearish

Increased fear and uncertainty surrounding crypto asset security can lead to sell-offs. users may become more cautious and move funds to less risky assets or traditional financial systems, especially if they are concerned about the security of their wallets or exchanges.

Time Effect

Short

The immediate impact will be felt as users react to the news and potentially secure their assets. however, if security measures are updated and the threat is mitigated effectively by wallet providers and users, the long-term impact might be less significant. the threat itself is active, suggesting a short-term heightened alert.

Original Article:

Article Content:

Cover image via depositphotos.com Disclaimer: The opinions expressed by our writers are their own and do not represent the views of U.Today. The financial and market information provided on U.Today is intended for informational purposes only. U.Today is not liable for any financial losses incurred while trading cryptocurrencies. Conduct your own research by contacting financial experts before making any investment decisions. We believe that all content is accurate as of the date of publication, but certain offers mentioned may no longer be available. Experts from Kaspersky's Global Research and Analysis Team (GReAT) warn that hundreds of users across 25 countries are at risk of having their assets stolen as the dangerous OkoBot malware framework targeting cryptocurrency owners entered an active phase. Advertisement Hackers have completely revised their tactics and are now targeting people who believed they were fully protected, analysts note in a new report. The malware steals funds by intercepting the functions of the official Ledger Live, Ledger Wallet, and Trezor Suite applications and displaying a fake verification window. To avoid falling for this trick, users are advised to strictly follow three key security rules: HOT Stories US Nets Just 15% of FTX's Shiba Inu (SHIB) Value; Bitcoin Does What AI Cannot, Binance Founder Explains; 70 Million XRP Lands in Millionaire Whale Wallets - Morning Crypto Report Shiba Inu Adds 60% in Weekly Spot Flows: Explaining What It Means for Price Health Never enter a seed phrase using a PC keyboard Do not execute third-party scripts from the internet Check the system for hidden RDP access In this campaign, attackers are deliberately targeting IT specialists and software developers. The initial compromise occurs when hackers disguise malware as popular work tools and distribute infected software through GitHub. Advertisement Fake Ledger and Trezor recovery windows used by OkoBot hackers to siphon seed phrases, Source: Kaspersky's GReAT research (July 15 2026) In particular, researchers have already discovered the malware inside a fake Microsoft SQL Server Management Studio (SSMS) installer. At the same time, attackers are using sophisticated ClickFix attacks, a social engineering technique in which users are persuaded to copy and run malicious code in a terminal under the pretext of fixing an unexpected browser error. What comes next: analysts' forecasts According to Kaspersky GReAT, since the malware uses a modular structure consisting of more than 20 components, including the Rilide infostealer and the OkoSpyware surveillance module, the geographical reach of the attacks is expected to expand beyond the countries currently reporting the highest number of infections, led by Brazil, Vietnam, Canada, Mexico, and Turkey. Advertisement You Might Also Like Mon, 07/13/2026 - 08:05 Beware of Memecoin Scams on Robinhood Chain: Scatman, Hood, and Cash Cat Copycats — Here's How to Avoid Them By Arman Shirinyan New hidden extensions for Chromium-based browsers, including Chrome and Edge, are also expected to emerge. The malware can completely remove these extensions from the visible list of installed add-ons, leaving users unaware of their presence. The final stage may involve the large-scale sale of access to victims' computers. After establishing persistence in a system, OkoBot secretly creates a new administrator account and opens a permanent SSH tunnel for remote control through RDP. #Hack News