BSV
$67.78
Vol 85.36m
-0.09%
BTC
$90733
Vol 50366.79m
-0.44%
BCH
$442.02
Vol 1096.69m
-0.66%
LTC
$88.44
Vol 2374.75m
-0.93%
DOGE
$0.36
Vol 9806.86m
-3.31%
Getting your Trinity Audio player ready...

American cybersecurity software firm McAfee has discovered a new malware that steals private keys from images held in Android devices.

Dubbed SpyAgent, the malware can recognize private keys from images, including screenshots, using optical character recognition (OCR), a process that enables computer systems to convert an image of text into a machine-readable text format.

According to McAfee, the malware spreads through the usual social engineering techniques, such as sending links to unsuspecting users through text messages. Clicking on the links redirects the users to websites that claim to contain legitimate software, which, when installed, activates the malware.

The victims end up permitting these applications to access their messages, images and contacts, and they set out to look for any ‘crypto-related’ information, starting with private keys.

“Upon examining the page, it became clear that a primary goal of the attackers was to obtain the mnemonic recovery phrases for cryptocurrency wallets. This suggests a major emphasis on gaining entry to and possibly depleting the crypto assets of victims,” the security firm notes.

McAfee says SpyAgent has been active since January; the company has identified 280 fake applications used to spread the malware, with South Koreans being the primary target.

SpyAgent is one of hundreds of malware targeting digital asset users, which have intensified this year. A Chainalysis report in August found that while overall illicit activity had declined in the first seven months of the year, stolen funds and malware had shot up. The latter had increased to $460 million while stolen fund inflows had doubled to $1.58 billion.

“2024 is set to be the highest-grossing year yet for ransomware payments, due in no small part to strains carrying out fewer high-profile attacks but collecting large payments (known in the industry as “big game hunting”),” the New York blockchain analytics company revealed.

Malware attacks are targeting larger businesses, Chainalysis found. The result is a spike in the median ransom payment to $1.5 million, up from $200,000 in 2023.

A week ago, the United States Federal Bureau of Investigation (FBI) warned that North Korean hackers have stepped up their game and are now targeting digital asset owners more aggressively than ever.

“North Korean social engineering schemes are complex and elaborate, often compromising victims with sophisticated technical acumen. Given the scale and persistence of this malicious activity, even those well versed in cybersecurity practices can be vulnerable,” the agency said.

Watch: Cybersecurity fundamentals in today’s digital age with AI & Web3

Recommended for you

Sentinel Node upholds heightened security with 56M snapshots
CERTIHASH keeps up with its mission to offer enterprises heightened security for their data with BSV-powered Sentinel Node, recently registering...
November 14, 2024
ODHack 9.0: Better wallet, easy testnet coins for developers
OnlyDust's ODHack 9.0 hackathon event provides developers building on the BSV blockchain with new ways to test their applications without...
November 8, 2024
Advertisement
Advertisement
Advertisement