MALICIOUS (1) campaign cataloged at 2026-04-14(2).

1. The campaign has clearly malicious intent, like infostealers.
2. This is just the date of creating the catalog entry. It may not reflect the date of creation of the campaign itself.

2026-04-pckg-sv

Code exfiltrates sensitive crypto wallet's files and sets up a keylogger trying to catch the password to the wallet

Abuse categories

crypto-related

Malicious activity is related to cryptocurrencies or blockchain, e.g. stealing crypto wallets.

exfiltration_crypto

The package attempts to steal sensitive cryptocurrency-related data, like wallet keys.

keylogger

Campaign uses keylogger.

persistence

Campaign uses persistence.

Packages in the campaign

campaign:2026-04-pckg-sv

• pckg-sv
• svchost