McAfee has discovered a new Android malware named SpyAgent, which can steal private keys from screenshots and images stored on smartphones. Utilizing optical character recognition (OCR) technology, SpyAgent scans images to extract sensitive text data.
SpyAgent spreads through malicious links sent via text messages. Users are redirected to a fake website and prompted to download an application that appears legitimate but is actually malware. Once installed, SpyAgent requests permissions to access contacts, messages, and local storage, allowing it to steal private keys.
The malware predominantly targets users in South Korea and has been identified in over 280 fraudulent apps. These apps are often disguised as banking, government, or streaming services.
In August, similar malware called "Cthulhu Stealer" was detected on macOS systems, which also stole personal information, including MetaMask passwords and private keys. Additionally, Microsoft found a vulnerability in Google Chrome, exploited by a North Korean hacking group to install malware through fake job applications.
The FBI has issued a warning about North Korean hackers targeting the crypto industry with sophisticated and disguised attacks. These threats underscore the importance of cybersecurity vigilance and the need for robust protective measures against malware.