
OkoBot Malware Uses ClickFix and SeedHunter to Steal Ledger and Trezor Seed Phrases
A newly documented malware framework dubbed OkoBot is targeting cryptocurrency users with a multi-stage intrusion chain designed to capture Ledger and Trezor recovery phrases, browser credentials, wallet files, keystrokes, screenshots, and application video recordings. Researchers first observed the activity in January 2026, although the campaign’s TookPS downloader component has been active since March 2025. The […]
The post OkoBot Malware Uses ClickFix and SeedHunter to Steal Ledger and Trezor Seed Phrases appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.