New Android Malware Exploits Screenshots to Steal Private Keys

McAfee has discovered a new Android malware called SpyAgent that can steal private keys stored in screenshots and photos on smartphones.

The software uses Optical Character Recognition (OCR) technology to scan and extract text from images, a feature that is commonly used across many platforms, including desktops.

McAfee Labs outlined how SpyAgent spreads through malicious links sent via text messages. Once the user clicks on the link, they are redirected to a fake but convincing website that prompts them to download a seemingly legitimate application. However, the app in question contains software that compromises the user’s phone upon installation.

The malware, masquerading as banking apps, government services and streaming platforms, requests permissions for contacts, messages and local storage. McAfee has detected SpyAgent in more than 280 apps targeting mostly South Korean users.

READ MORE:

Chinese Authorities Bust Major Cryptocurrency Money Laundering Operation

In August, a similar threat called “Cthulhu Stealer” was identified affecting macOS. Like SpyAgent, it masquerades as legitimate software and steals sensitive information such as MetaMask passwords and private keys for cold storage wallets.

Around the same time, Microsoft discovered a vulnerability in Google Chrome that is likely being exploited by a North Korean hacking group known as Citrine Sleet. This group creates fake crypto exchanges to lure victims with fake job applications that install malware to steal private keys. Although the Chrome vulnerability has been patched, the rise in the number of such attacks has prompted the FBI to issue a warning about Citrine Sleet’s activities.

Alexander Stefanov

With over 8 years of experience in the cryptocurrency and blockchain industry, Alexander is a seasoned content creator and market analyst dedicated to making digital assets more accessible and understandable. He specializes in breaking down complex crypto trends, analyzing market movements, and producing insightful content aimed at educating both newcomers and seasoned investors. Alexander has built a reputation for delivering timely and accurate analysis, while keeping a close eye on regulatory developments, emerging technologies, and macroeconomic trends that shape the future of digital finance. His work is rooted in a passion for innovation and a firm belief that widespread education is key to accelerating global crypto adoption.