đšAlert! New Android malware steals private keys from screenshots and images
đŹAccording to a recent FBI warning, North Korean hackers are "aggressively targeting" the cryptocurrency industry with "well-disguised" attacks. A new Android malware called SpyAgent, discovered by computer security firm McAfee, can steal private keys stored in screenshots and images on the internal memory of smartphones.
More specifically, the malware uses a mechanism known as optical character recognition (OCR) to scan images stored on a smartphone and extract words from them. OCR is present in many technologies, including desktop computers, which can recognize, copy and paste text from images.
âïž McAfee Labs explained that the malware is distributed through malicious links sent by text messages. The cybersecurity firm broke down the process, starting with an unsuspecting user clicking on a link they received. The link redirects the user to a seemingly legitimate website and prompts them to download an app presented as trustworthy.
However, the app is the SpyAgent malware, and upon installation, it compromises the phone. According to the report, these fraudulent programs are disguised as banking apps, government apps, and streaming services.
Upon installing the apps, users are asked to give access permissions to contacts, messages, and local storage.
