Security · 2h ago
OkoBot Malware Hijacks Ledger, Trezor Apps to Steal Crypto Seed Phrases
Since April 2025, the OkoBot malware framework has infected Windows PCs, targeting hardware wallet users. It injects fake seed phrase prompts into legitimate Ledger and Trezor desktop apps. The scam activates when the victim connects their wallet, tricking them into handing over recovery keys.
Meridian48 take
This is a clever social engineering twist—users trust the app they installed, but the malware hijacks it from within, making detection harder than typical phishing.
Read the full reporting
OkoBot Malware Framework Injects Seed Phrase Phishing Into Ledger and Trezor Apps →
The Hacker News
crypto-malwarehardware-wallet-phishing