Svmuu News: According to monitoring by Kaspersky security researchers, a new piece of malware called OkoBot uses approximately 20 modules to steal cryptocurrency wallet mnemonic phrases and credentials. Attackers use ClickFix social engineering techniques to trick users into executing malicious commands and spread the malware via GitHub repositories disguised as legitimate tools such as SQL Server Management Studio. OkoBot’s modules include SeedHunter, which injects itself into hardware wallets such as Trezor and Ledger and displays a fake interface when users are restoring their mnemonic phrases; MC Keylogger, which records keyboard and clipboard activity; and OkoSpyware, which tracks wallet passwords and records screen activity.