Back to all news
Security

OkoBot Malware Framework Injects Seed Phrase Phishing Into Ledger and Trezor Apps

The Hacker News·July 15, 2026·1 min read
OkoBot Malware Framework Injects Seed Phrase Phishing Into Ledger and Trezor Apps

A malware framework called OkoBot has been running on Windows machines since April 2025, with a module designed to con hardware wallet owners out of their recovery phrase. On an infected PC, the phishing request appears from within the wallet's own desktop software, sometimes waiting until the device is plugged in. The malicious page mimics legitimate apps to steal seed phrases.

Read at The Hacker News
Daily crypto arcade

Read the news, then play it.

Chainshorts turns crypto headlines into a daily game. Catch up in 60 words, then jump into daily lucky draws for a shot at the pot.

Open ChainshortsGet it on the Solana dApp Store