New Android Malware Exploits Screenshots to Steal Private Keys
07.09.2024 23:00 2 min. read Alexander Stefanov
McAfee has discovered a new Android malware called SpyAgent that can steal private keys stored in screenshots and photos on smartphones.
The software uses Optical Character Recognition (OCR) technology to scan and extract text from images, a feature that is commonly used across many platforms, including desktops.
McAfee Labs outlined how SpyAgent spreads through malicious links sent via text messages. Once the user clicks on the link, they are redirected to a fake but convincing website that prompts them to download a seemingly legitimate application. However, the app in question contains software that compromises the user’s phone upon installation.
The malware, masquerading as banking apps, government services and streaming platforms, requests permissions for contacts, messages and local storage. McAfee has detected SpyAgent in more than 280 apps targeting mostly South Korean users.
In August, a similar threat called “Cthulhu Stealer” was identified affecting macOS. Like SpyAgent, it masquerades as legitimate software and steals sensitive information such as MetaMask passwords and private keys for cold storage wallets.
Around the same time, Microsoft discovered a vulnerability in Google Chrome that is likely being exploited by a North Korean hacking group known as Citrine Sleet. This group creates fake crypto exchanges to lure victims with fake job applications that install malware to steal private keys. Although the Chrome vulnerability has been patched, the rise in the number of such attacks has prompted the FBI to issue a warning about Citrine Sleet’s activities.
-
1
Pantera Capital Founder Investigated Over Crypto Investment Tax Reporting
15.02.2025 21:00 1 min. read -
2
Binance Warns Crypto Users of Rising Scam Threats
28.02.2025 14:13 1 min. read -
3
Cybercriminals Exploit GitHub to Distribute Crypto Malware
26.02.2025 20:00 2 min. read -
4
Mask Founder Loses $4 Million in Crypto Attack on His Birthday
28.02.2025 22:00 1 min. read -
5
India Intensifies Bitconnect Investigation, Seizing $190M in Crypto
16.02.2025 17:00 2 min. read
Ripple Co-Founder’s Wallet Compromised in $661 Million XRP Hack in 2024
Chris Larsen, the co-founder of Ripple, suffered a significant financial blow in 2024 when he lost over $661 million worth of XRP due to a security breach in the password management system LastPass.
Georgian Investor Faces Prison Amid Bitcoin Embezzlement Allegations
Venture capitalist and Mission Gate founder George Bachiashvili is now facing imprisonment in Georgia after a court revoked his bail.
Hackers Exploit 1inch Smart Contract, Stealing Over $5 Million
Hackers have exploited a vulnerability in DeFi aggregator 1inch’s resolver smart contract, leading to losses of over $5 million, according to blockchain security firm SlowMist.
EU Sanctions Prompt Tether to Freeze $27 Million on Russian Exchange Garantex
Tether has taken a significant step by freezing $27 million worth of USDt on the Russian crypto exchange Garantex, which has led to the platform halting its operations.
-
1
Pantera Capital Founder Investigated Over Crypto Investment Tax Reporting
15.02.2025 21:00 1 min. read -
2
Binance Warns Crypto Users of Rising Scam Threats
28.02.2025 14:13 1 min. read -
3
Cybercriminals Exploit GitHub to Distribute Crypto Malware
26.02.2025 20:00 2 min. read -
4
Mask Founder Loses $4 Million in Crypto Attack on His Birthday
28.02.2025 22:00 1 min. read -
5
India Intensifies Bitconnect Investigation, Seizing $190M in Crypto
16.02.2025 17:00 2 min. read
