New Android Malware Exploits Screenshots to Steal Private Keys
07.09.2024 23:00 2 min. read Alexander Stefanov
McAfee has discovered a new Android malware called SpyAgent that can steal private keys stored in screenshots and photos on smartphones.
The software uses Optical Character Recognition (OCR) technology to scan and extract text from images, a feature that is commonly used across many platforms, including desktops.
McAfee Labs outlined how SpyAgent spreads through malicious links sent via text messages. Once the user clicks on the link, they are redirected to a fake but convincing website that prompts them to download a seemingly legitimate application. However, the app in question contains software that compromises the user’s phone upon installation.
The malware, masquerading as banking apps, government services and streaming platforms, requests permissions for contacts, messages and local storage. McAfee has detected SpyAgent in more than 280 apps targeting mostly South Korean users.
In August, a similar threat called “Cthulhu Stealer” was identified affecting macOS. Like SpyAgent, it masquerades as legitimate software and steals sensitive information such as MetaMask passwords and private keys for cold storage wallets.
Around the same time, Microsoft discovered a vulnerability in Google Chrome that is likely being exploited by a North Korean hacking group known as Citrine Sleet. This group creates fake crypto exchanges to lure victims with fake job applications that install malware to steal private keys. Although the Chrome vulnerability has been patched, the rise in the number of such attacks has prompted the FBI to issue a warning about Citrine Sleet’s activities.
-
1
North Korean Agent Exposed in Crypto Job Scam at Kraken
04.05.2025 20:00 2 min. read -
2
ZachXBT Helps Freeze $7M After $330M Bitcoin Theft From Elderly Holder
05.05.2025 16:00 1 min. read -
3
$330M Bitcoin Heist Traced to Social Engineering Scam Targeting U.S. Senior
04.05.2025 12:00 2 min. read -
4
Samourai Wallet Case Faces Scrutiny After Allegations of Withheld Evidence
07.05.2025 13:00 2 min. read -
5
Alex Mashinsky Seeks One-Year Sentence as DOJ Pushes for 20 Years
08.05.2025 12:00 1 min. read
Man Sentenced to 30 Years for Using Crypto to Fund ISIS Operations
A U.S. court has handed down a 30-year prison sentence to Mohammed Azharuddin Chhipa, who was found guilty of financing terrorism through cryptocurrency.
Celsius CEO Sentenced to 12 Years Over $5 Billion Crypto Scandal
A major chapter in crypto’s legal reckoning closed this week as Alex Mashinsky, once a prominent name in digital lending, received a 12-year prison sentence.
Alex Mashinsky Seeks One-Year Sentence as DOJ Pushes for 20 Years
Former Celsius CEO Alex Mashinsky is asking for a significantly reduced prison sentence ahead of his May 8 sentencing, with his legal team pushing back hard against the U.S. Department of Justice’s call for a 20-year term.
Samourai Wallet Case Faces Scrutiny After Allegations of Withheld Evidence
The legal battle against the creators of Samourai Wallet has taken a sharp turn, as defense attorneys accuse federal prosecutors of suppressing a key legal interpretation from the Treasury Department that could dismantle the core of the government’s case.
-
1
North Korean Agent Exposed in Crypto Job Scam at Kraken
04.05.2025 20:00 2 min. read -
2
ZachXBT Helps Freeze $7M After $330M Bitcoin Theft From Elderly Holder
05.05.2025 16:00 1 min. read -
3
$330M Bitcoin Heist Traced to Social Engineering Scam Targeting U.S. Senior
04.05.2025 12:00 2 min. read -
4
Samourai Wallet Case Faces Scrutiny After Allegations of Withheld Evidence
07.05.2025 13:00 2 min. read -
5
Alex Mashinsky Seeks One-Year Sentence as DOJ Pushes for 20 Years
08.05.2025 12:00 1 min. read