New Android Malware Exploits Screenshots to Steal Private Keys
07.09.2024 23:00 2min. read Alexander Stefanov
McAfee has discovered a new Android malware called SpyAgent that can steal private keys stored in screenshots and photos on smartphones.
The software uses Optical Character Recognition (OCR) technology to scan and extract text from images, a feature that is commonly used across many platforms, including desktops.
McAfee Labs outlined how SpyAgent spreads through malicious links sent via text messages. Once the user clicks on the link, they are redirected to a fake but convincing website that prompts them to download a seemingly legitimate application. However, the app in question contains software that compromises the user’s phone upon installation.
The malware, masquerading as banking apps, government services and streaming platforms, requests permissions for contacts, messages and local storage. McAfee has detected SpyAgent in more than 280 apps targeting mostly South Korean users.
In August, a similar threat called “Cthulhu Stealer” was identified affecting macOS. Like SpyAgent, it masquerades as legitimate software and steals sensitive information such as MetaMask passwords and private keys for cold storage wallets.
Around the same time, Microsoft discovered a vulnerability in Google Chrome that is likely being exploited by a North Korean hacking group known as Citrine Sleet. This group creates fake crypto exchanges to lure victims with fake job applications that install malware to steal private keys. Although the Chrome vulnerability has been patched, the rise in the number of such attacks has prompted the FBI to issue a warning about Citrine Sleet’s activities.
-
1
Crypto Scammer Tried to Evade Authorities with New Appearance, but Was Arrested
31.08.2024 12:00 1min. read -
2
India Orders Shutdown of 38 Fraudulent Crypto Sites
30.08.2024 8:00 1min. read -
3
Here is When Binance Ex-CEO Could Be Release From Prison
01.09.2024 9:00 1min. read -
4
Changpeng Zhao Transferred to New Facility, Still Incarcerated
24.08.2024 20:00 2min. read -
5
Jupiter Alerts Users to New Solana Wallet Scam
20.08.2024 19:30 1min. read
Hacker Group Loses $5 Million in Frozen Stablecoins
The notorious hacking group known for its crypto thefts has lost access to nearly $5 million in stablecoins, following actions taken by stablecoin issuers to freeze the funds.
Binance Issues Major Alert on New Crypto Threat
Binance has issued a warning about a malware attack targeting its users, which alters cryptocurrency withdrawal addresses.
Bithumb’s Ex-CEO Faces New Charges Over Crypto Listings
Prosecutors have introduced new internal documents from Bithumb in their ongoing case against Lee Sang-joon, the exchange’s former CEO.
Sam Bankman-Fried Appeals Fraud Conviction, Claims Unfair Trial
Sam Bankman-Fried, the former CEO and co-founder of FTX currently serving a prison sentence, has filed an appeal seeking to overturn his fraud conviction, according to court documents submitted on Friday.
-
1
Crypto Scammer Tried to Evade Authorities with New Appearance, but Was Arrested
31.08.2024 12:00 1min. read -
2
India Orders Shutdown of 38 Fraudulent Crypto Sites
30.08.2024 8:00 1min. read -
3
Here is When Binance Ex-CEO Could Be Release From Prison
01.09.2024 9:00 1min. read -
4
Changpeng Zhao Transferred to New Facility, Still Incarcerated
24.08.2024 20:00 2min. read -
5
Jupiter Alerts Users to New Solana Wallet Scam
20.08.2024 19:30 1min. read
