After holding them for a few years, you have decided it is time to cash in your cryptocurrency holdings. The problem is, it is so long since you set up the digital wallet which manages them on your laptop, you have forgotten the lengthy access code.

Stressed at the thought of losing thousands of pounds, you search and download a program which promises to recover the 24-word “seed phrase” which gives you access to your cypto assets.

Unfortunately, the program was created by criminals and, once installed, harvests your personal details and passwords, as well as taking images of the documents on your system.

It may sound a niche type of fraud, but it is clearly lucrative enough for criminals to bother setting up fake websites directing people to their dodgy software.

“Scammers are preying on people’s desperation to recover their cryptocurrency wallets,” says Alex Holland, of the HP Security Lab, which found evidence of the fraud. “Perhaps the victim has forgotten the seed phrase used to access their wallet. If you wanted a way of recovering that, you could search ‘free cryptocurrency recovery tool’, which I did, and lo and behold one of these fake malware-laden tools came up in my search results.”

A cryptocurrency wallet is a tool on your computer which allows you to store the keys needed to access the currencies. The wallets generate seed phrases – which can be between 12 and 24 words – which allow you access.

The scam software is hosted on a website that offers to help you get hold of your seed phrase.

One piece of software found by HP Security Lab is called the “Lost crypto wallets finder – cryptocurrency recovery toolkit”. It promises that “this toolkit is invaluable for both new and seasoned users who want to reclaim their assets and don’t lose access to their digital wealth”.

The site which hosts the software is now down.

You will be told you need to download the software to recover your wallet. Once downloaded, the malware will collect information, including passwords from web browsers, documents, photos and other sensitive files.

This information is then packaged on to a Zip file and sent to criminals who may use the details for future frauds.

What to do

If you have trouble remembering your passwords, or where you wrote them down, don’t panic as that is exactly what the fraudsters want. “They’re preying on emotions. They want to take advantage of that moment of vulnerability,” says Holland.

There are legitimate sites which can be used to help recover a seed phrase but you should read online reviews to see whether they are safe.

If you find that you have downloaded malware, remove it using reputable security software. Then quickly reset your passwords, starting with your banking ones.

Lookonchain Spots Sharplink Recieving 5,000 ETH

With 876,285 ETH valued at $1.38 billion using current ether exchange rates on Saturday, June 27, 2026, Sharplink ranks below Bitmine’s 5,672,956 ETH cache, making it the second-largest ETH treasury today. This week, the onchain analyst on X known as Lookonchain detailed that Sharplink acquired 5,000 ETH from the crypto firm FalconX.

“After 8 months, Sharplink is buying ETH again,” Lookonchain wrote. The onchain analysts also noted in the X post that the publicly traded firm paid an average price of $3,609 per coin and is sitting on $1.7 billion in paper losses. While the company’s 5,000 ETH inflow can be verified onchain, Sharplink has not issued a press release or formal announcement.

Stock Down 99% and $1.7B in Paper Losses

Sharplink is among the growing roster of digital asset treasury (DAT) firms watching the crypto bear market eat into their paper gains. The company’s shares trade on Nasdaq, and the stock closed June 26 at $4.81 a share. Shares climbed 5.48% during Friday’s trading session after news of the company scooping up more ETH began circulating across social media.

Despite Friday’s 5.48% lift, Sharplink (Nasdaq: SBET) is down 10.76% over the past week, more than 21% this month, and 47.37% year to date. Hardly cause for celebration. SBET is also trading 99.96% below its all-time high. Sharplink’s stock has generally traded at a discount to NAV, with mNAV below 1.0x, while nearly all of the company’s ether remains staked.

Sharplink’s renewed buying signals conviction, but the numbers tell a harder story. Whether accumulating through a bear market proves prescient or painful remains an open question.

As detailed in Bleeping Computer, Polish authorities have arrested four individuals suspected of being part of an organized cybercrime group responsible for SIM-swapping attacks and significant cryptocurrency theft.The operation, a collaboration between Poland’s Cybercrime Bureau (CBZC) and U.S. agencies including the FBI and Homeland Security Investigations, targeted a group accused of breaching telecommunications partners and hijacking email accounts. These actions allowed the suspects to gain control of victims’ phone numbers, intercept communications, and ultimately access cryptocurrency exchange accounts. Investigators estimate that millions of U.S. dollars were stolen and laundered through a complex financial network.The arrested individuals face charges including participation in an organized criminal group, hacking, and money laundering, with potential penalties of up to 25 years in prison. One of the identified suspects, according to blockchain investigator ZachXBT, is Wojtek Kulisz, also known as “Merry.”Source: Bleeping Computer