SpyAgent Android Malware Targets Crypto Recovery Phrases Through Images 📱

TheJoker · September 7, 2024, 3:10pm

Summary:

Malware Overview
SpyAgent is a new Android malware that uses optical character recognition (OCR) to extract cryptocurrency wallet recovery phrases from screenshots on infected devices. This allows attackers to gain access to and steal funds from cryptocurrency wallets.
Distribution and Function
Distributed via SMS and malicious social media posts, SpyAgent has been found in at least 280 APKs outside Google Play. Once installed, it steals sensitive information, including contact lists, incoming SMS messages (with OTPs), and images for OCR scanning.
Threat and Security Practices
The malware’s operators did not follow secure server practices, which led to McAfee accessing stolen files and confirming multiple victims. SpyAgent can also manipulate device settings and send phishing texts to further spread the malware.

Read more at: BleepingComputer

Topic		Replies	Views
Thousands of Linux Systems Hit by Stealthy Malware Since 2021! 🔒 News & Articles hacking , trading	0	64	October 5, 2024
Google Removes 49 Chrome Extensions Caught Stealing Crypto-Wallet Keys News & Articles tools , trading , browsers	0	766	April 15, 2020
Android Malware Records Your Screen While You Read "Encrypted" Chats News & Articles hacking , privacy	1	266	November 21, 2025
Data Breach Exposes US Spyware Maker Behind Malware for Windows, Mac, Android, and Chromebook 💻 News & Articles hacking	0	90	July 25, 2024
Watch Out for Hidden Malware on Your Phone News & Articles hacking	0	954	August 21, 2019