New android malware steals crypto private keys from screenshots
The FBI has warned that North Korean hackers are aggressively targeting the cryptocurrency industry through sophisticated attacks.
A new Android malware named SpyAgent, discovered by McAfee, can steal private keys stored in screenshots and images on a smartphone.
SpyAgent uses Optical Character Recognition (OCR) technology to scan images stored on the device and extract text, including sensitive information like private keys.
OCR is commonly used in various technologies, such as desktop computers, to recognise, copy, and paste text from images.
McAfee Labs detailed that the malware is distributed via malicious links sent through text messages, tricking users into clicking on them.
These links redirect users to fake, but convincing websites that prompt them to download an application appearing legitimate.
However, the application is actually the SpyAgent malware, and once installed, it compromises the phone's security.
SpyAgent is often disguised as legitimate applications, such as banking apps, government services, or streaming platforms.
When users install these apps, they are asked to grant access to contacts, messages, and local storage, further exposing their private data.
The malware currently targets primarily South Korean users and has been detected in over 280 fraudulent apps by McAfee specialists.
In August, a similar malware named “Cthulhu Stealer” was identified on MacOS systems, also posing as legitimate software to steal sensitive data.
Cthulhu Stealer extracts personal information like MetaMask passwords, IP addresses, and private keys from cold wallets stored on desktops.
During the same month, Microsoft uncovered a vulnerability in the Google Chrome browser, likely exploited by a North Korean hacker group named Citrine Sleet.
Citrine Sleet reportedly created fake cryptocurrency exchanges to send fraudulent job offers to users, leading them to install malware that could remotely access their private keys.
The Chrome vulnerability has since been patched, but the wave of malware attacks led the FBI to issue a warning about the activities of the North Korean hacking group.
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
New spot margin trading pair — HOLO/USDT!
FUN drops by 32.34% within 24 hours as it faces a steep short-term downturn
- FUN plunged 32.34% in 24 hours to $0.008938, marking a 541.8% monthly loss amid prolonged bearish trends. - Technical breakdowns, elevated selling pressure, and forced liquidations highlight deteriorating market sentiment and risk-off behavior. - Analysts identify key support below $0.0080 as critical, with bearish momentum confirmed by RSI (<30) and MACD indicators. - A trend-following backtest strategy proposes short positions based on technical signals to capitalize on extended downward trajectories.
OPEN has dropped by 189.51% within 24 hours during a significant market pullback
- OPEN's price plummeted 189.51% in 24 hours to $0.8907, marking its largest intraday decline in history. - The token fell 3793.63% over 7 days, matching identical monthly and yearly declines, signaling severe bearish momentum. - Technical analysts cite broken support levels and lack of bullish catalysts as key drivers of the sustained sell-off. - Absence of stabilizing volume or reversal patterns leaves the market vulnerable to further downward pressure.
New spot margin trading pair — LINEA/USDT!
Trending news
MoreCrypto prices
More
