Tuesday Nov 18 2025 13:50
A recent report by GK8, a crypto custody expert owned by Mike Novogratz’s crypto investment platform Galaxy Digital, indicates that private key theft is no longer just another method hackers use to attack crypto users. Instead, it has evolved into a full-fledged business operation.
The report highlights the evolution of private key theft into an industrialized process, emphasizing the emergence of black market tools that enable criminals to locate and steal a user's seed phrase.
These tools include malware infostealers and seed phrase finders, which can scan files, documents, cloud backups, and chat histories to quickly extract a user's private key, effectively giving attackers complete control over their assets.
The report recommends using secure custody solutions, implementing multi-step approval processes, and enforcing role separation to mitigate the risks posed by this commercialized and constantly evolving threat.
The process typically begins with hackers using malware to steal large amounts of data from an infected device. The stolen data is then fed into automated tools that rebuild seed phrases and private keys. After identifying wallets containing valuable assets, attackers assess the security measures in place to drain the funds.
These applications, which perform mnemonic parsing and transform raw logs into keys, are sold for hundreds of dollars on darknet forums.
To protect themselves from the rise in private key hacks, users should assume all local device data could be compromised, never store seed phrases in digital form, use multi-party approval for transactions, and rely on secure custody systems.
The report also recommends a healthy combination of hot, cold, and impenetrable vault storage to minimize the asset value exposed to an immediate drain.
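The multi-step approval, role separation and storage tiering recommended above can be expressed as a transfer policy check. The following is an added example, not code from the GK8 report or any custody product; the tier quorums, the hot-wallet limit and the names in `ROLES` are constructed assumptions.

```python
from dataclasses import dataclass

# Constructed policy values for illustration (assumptions, not from the report).
QUORUM = {"hot": 1, "cold": 2, "vault": 3}   # independent approvals per tier
HOT_LIMIT = 10_000                            # max value per hot-wallet transfer
ROLES = {"alice": "initiator", "bob": "approver",
         "carol": "approver", "dave": "approver"}


@dataclass(frozen=True)
class Transfer:
    tier: str
    amount: int
    initiator: str
    approvals: tuple  # names of the people who signed off


def authorize(t: Transfer) -> tuple[bool, str]:
    """Return (allowed, reason) for a requested transfer."""
    if t.tier not in QUORUM:
        return False, "unknown tier"
    if t.amount <= 0:
        return False, "invalid amount"
    if ROLES.get(t.initiator) != "initiator":
        return False, "requester may not initiate transfers"
    # Tiering: the hot wallet only ever exposes a bounded value per transfer.
    if t.tier == "hot" and t.amount > HOT_LIMIT:
        return False, "exceeds hot-wallet limit"
    # Role separation: count each approver once, and never the initiator,
    # so one stolen credential cannot both request and approve.
    independent = {a for a in t.approvals
                   if ROLES.get(a) == "approver" and a != t.initiator}
    if len(independent) < QUORUM[t.tier]:
        return False, f"{len(independent)}/{QUORUM[t.tier]} approvals"
    return True, "authorized"


if __name__ == "__main__":
    for t in (Transfer("hot", 500, "alice", ("bob",)),
              Transfer("hot", 500, "alice", ("alice",)),
              Transfer("cold", 50_000, "alice", ("bob", "bob")),
              Transfer("vault", 50_000, "alice", ("bob", "carol", "dave"))):
        print(t.tier, t.amount, authorize(t))
```

With a policy of this shape, a single compromised device or account yields at most one approval, which is insufficient for anything held outside the hot tier.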
Kela warns that malware infostealers often rely on social engineering, using fake installers, poisoned ads, or phishing campaigns to trick users.
To stay safe, users should be extremely careful with attachments and links, avoid software from untrusted sources, and resist scams that exploit macOS’s reputation for security.
The firm also emphasizes the importance of using strong, unique passwords for financial apps, enabling multi-factor authentication, and keeping macOS and all applications up to date to prevent malware from stealing sensitive information.