‘RatOn’, identified by ThreatFabric, poses a risk to popular wallets, enabling remote device takeovers since June 2025. Its automation of hijacking processes using stolen credentials makes it particularly dangerous.
The malware specifically targets wallets such as MetaMask and Trust Wallet. It can launch wallet apps using retrieved PINs and access secured recovery phrases, increasing risks for cryptocurrency holders.
Leave a Reply