New Android malicious software SpyAgent steals private keys, FBI warns
Recently, McAfee discovered a new type of Android malicious software called SpyAgent, which uses optical character recognition (OCR) technology to steal users' private keys through screenshots and text in images of mobile phones. The malicious software is spread through malicious links in text messages, and users click on the link to be directed to a page disguised as a legitimate website and prompted to download a plausible application. Once installed, the malicious software can obtain users' contacts, messages and local storage permissions. Currently, SpyAgent mainly targets South Korean users and has been found in more than 280 fraudulent applications.
In addition, malicious software attacks are on the rise in 2024. Cthulhu Stealer, discovered in August, affected MacOS systems and stole users' crypto wallet information. In the same month, Microsoft patched a vulnerability in Google Chrome that had been used by the North Korean hacking group Citrine Sleet to disguise fake crypto exchanges and spread malicious software through fraudulent job applications.
The Federal Bureau of Investigation (FBI) has issued a warning to the public that the cryptocurrency industry is becoming a prime target for North Korean hackers.