Cybersecurity company Kaspersky says it has identified a new malware framework targeting cryptocurrency investors. According to the firm, the campaign relies on social engineering tactics and trojanized GitHub applications to deliver malicious software.
The development matters because crypto users often interact with software, wallets, and developer tools from multiple online sources, which can create opportunities for attackers to disguise malware as legitimate apps. Threats that target investors can also affect trust in the broader crypto ecosystem and increase security risks for individuals and companies.
Kaspersky described the framework as newly identified, but the report centers on the method rather than a wider campaign scope or impact figure. The use of GitHub as a delivery channel highlights how attackers may abuse trusted platforms to reach potential victims.
Users in the crypto space are generally advised to verify app sources, review permissions carefully, and be cautious with downloads or links shared through social channels. The report adds to ongoing concerns about malware campaigns aimed at digital asset holders.