What it is
Arkei is a Windows info-stealer: quiet malware that hunts for your saved passwords, browser cookies, and crypto wallets—then sends them to attackers. It often runs silently, so the first clue is trouble elsewhere (sudden login alerts, missing funds). For details and examples, see the Arkei threat guide.
What you may notice
-
New logins or MFA prompts you didn’t trigger
-
Strange browser behavior or unknown extensions
-
Crypto wallet activity you don’t recognize
How it gets in
-
“Free” cracked software and fake updates
-
Phishing attachments and malicious installers
-
Rogue browser add-ons from untrusted sites
Remove it now (quick steps)
-
Disconnect from the internet; don’t open banking/crypto apps
-
Run a full scan with trusted anti-malware and reboot
-
From a clean device, change passwords and enable MFA
-
Move crypto to fresh wallets with new seed phrases; revoke suspicious app permissions
Prevent it
-
Avoid pirated software and sketchy download sites
-
Install extensions only from official stores
-
Keep Windows, browsers, and security tools updated
-
Use a password manager + unique passwords + MFA