⚡️ Discovery of a dangerous virus that puts crypto wallet owners’ security at risk
🔥 The virus starts under the name
#OkoBot by taking a screenshot of the user when they interact with crypto wallets, along with recording keystrokes on the keyboard.
💰 The virus alters wallet interfaces on devices such as
#Ledger and
#Trezor , and displays a fake recovery window to steal seed phrases.
📈 The virus installs malicious extensions in my Chrome and Edge browsers, and completely hides them from users.
🚨 The virus steals clipboard content, saves all copied images, monitors connections from transferable devices, and removes screenshots every 5 minutes.
💎 After infection, attackers gain remote access to the computer via RDP, open the necessary ports, create a new user, and set up a persistent SSH tunnel.
📊 According to researchers, the campaign is still ongoing for more than a year and has affected hundreds of users across more than 25 countries.