{"id":11348,"date":"2024-09-07T05:24:17","date_gmt":"2024-09-07T05:24:17","guid":{"rendered":"https:\/\/www.cryptometer.io\/news\/?p=11348"},"modified":"2024-09-07T05:24:21","modified_gmt":"2024-09-07T05:24:21","slug":"new-android-malware-steals-crypto-private-keys-from-screenshots","status":"publish","type":"post","link":"https:\/\/www.cryptometer.io\/news\/new-android-malware-steals-crypto-private-keys-from-screenshots\/","title":{"rendered":"New Android Malware Steals Crypto Private Keys from Screenshots"},"content":{"rendered":"\n<p>A recent FBI warning highlights that North Korean hackers are increasingly targeting the cryptocurrency industry with sophisticated cyberattacks. One of the latest threats is a new Android malware, SpyAgent, discovered by security firm McAfee. This malware can extract private keys from screenshots and images stored on a smartphone, posing a serious risk to crypto investors.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">How SpyAgent Works<\/h3>\n\n\n\n<p>SpyAgent uses optical character recognition (OCR), a technology capable of scanning images and extracting text from them. OCR is commonly used in many applications, including desktop computers, for tasks like copying text from an image. However, in the case of SpyAgent, this technology is weaponized to search for sensitive information, such as cryptocurrency private keys.<\/p>\n\n\n\n<p>According to McAfee Labs, the malware spreads through malicious links sent via text messages. When a user clicks the link, they are redirected to a fake, yet convincing website that prompts them to download a seemingly trustworthy application. Once installed, this app, disguised as a legitimate service, compromises the smartphone, giving the malware access to sensitive data.<\/p>\n\n\n\n<p>These fraudulent apps are often disguised as banking, government, or streaming service applications, tricking users into granting access to contacts, messages, and local storage. McAfee has detected over 280 fraudulent apps targeting South Korean users.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Rising Threat of Malware in 2024<\/h3>\n\n\n\n<p>SpyAgent is not the only recent malware targeting crypto investors. In August, McAfee also discovered Cthulhu Stealer, a malware affecting macOS systems. Similar to SpyAgent, Cthulhu Stealer disguises itself as legitimate software and steals personal information, including MetaMask passwords and private keys for cold wallets.<\/p>\n\n\n\n<p>Additionally, Microsoft uncovered a vulnerability in Google Chrome in the same month, believed to have been exploited by the North Korean hacking group Citrine Sleet. This group allegedly created fake cryptocurrency exchanges and tricked users into downloading malware by sending them fraudulent job applications. The malware was capable of stealing private keys, although the Chrome vulnerability has since been patched.<\/p>\n\n\n\n<p>Due to the increasing frequency of these attacks, the FBI has issued a warning, urging the crypto industry to stay vigilant against such threats.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>A recent FBI warning highlights that North Korean hackers are increasingly targeting the cryptocurrency industry with sophisticated cyberattacks. One of the latest threats is a new Android malware, SpyAgent, discovered by security firm McAfee. This malware can extract private keys from screenshots and images stored on a smartphone, posing a serious risk to crypto investors. [&hellip;]<\/p>\n","protected":false},"author":13,"featured_media":11349,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[43],"tags":[],"class_list":{"0":"post-11348","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-general-news"},"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v26.2 (Yoast SEO v27.2) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>New Android Malware Steals Crypto Private Keys from Screenshots<\/title>\n<meta name=\"description\" content=\"A recent FBI warning highlights that North Korean hackers are increasingly targeting the cryptocurrency industry with sophisticated cyberattacks. One of\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.cryptometer.io\/news\/new-android-malware-steals-crypto-private-keys-from-screenshots\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"New Android Malware Steals Crypto Private Keys from Screenshots\" \/>\n<meta property=\"og:description\" content=\"A recent FBI warning highlights that North Korean hackers are increasingly targeting the cryptocurrency industry with sophisticated cyberattacks. One of\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.cryptometer.io\/news\/new-android-malware-steals-crypto-private-keys-from-screenshots\/\" \/>\n<meta property=\"og:site_name\" content=\"CryptoMeter.io\" \/>\n<meta property=\"article:published_time\" content=\"2024-09-07T05:24:17+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-09-07T05:24:21+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.cryptometer.io\/news\/wp-content\/uploads\/2024\/09\/android-malware.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"800\" \/>\n\t<meta property=\"og:image:height\" content=\"450\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Anish Khalifa\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@CryptoMeterIO\" \/>\n<meta name=\"twitter:site\" content=\"@CryptoMeterIO\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Anish Khalifa\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"NewsArticle\",\"@id\":\"https:\/\/www.cryptometer.io\/news\/new-android-malware-steals-crypto-private-keys-from-screenshots\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.cryptometer.io\/news\/new-android-malware-steals-crypto-private-keys-from-screenshots\/\"},\"author\":{\"name\":\"Anish Khalifa\",\"@id\":\"https:\/\/www.cryptometer.io\/news\/#\/schema\/person\/79113eacd105c71e5fa6019d028ca61e\"},\"headline\":\"New Android Malware Steals Crypto Private Keys from Screenshots\",\"datePublished\":\"2024-09-07T05:24:17+00:00\",\"dateModified\":\"2024-09-07T05:24:21+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.cryptometer.io\/news\/new-android-malware-steals-crypto-private-keys-from-screenshots\/\"},\"wordCount\":347,\"publisher\":{\"@id\":\"https:\/\/www.cryptometer.io\/news\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.cryptometer.io\/news\/new-android-malware-steals-crypto-private-keys-from-screenshots\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.cryptometer.io\/news\/wp-content\/uploads\/2024\/09\/android-malware.jpg\",\"articleSection\":[\"General News\"],\"inLanguage\":\"en-US\",\"copyrightYear\":\"2024\",\"copyrightHolder\":{\"@id\":\"https:\/\/www.cryptometer.io\/news\/#organization\"}},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.cryptometer.io\/news\/new-android-malware-steals-crypto-private-keys-from-screenshots\/\",\"url\":\"https:\/\/www.cryptometer.io\/news\/new-android-malware-steals-crypto-private-keys-from-screenshots\/\",\"name\":\"New Android Malware Steals Crypto Private Keys from Screenshots\",\"isPartOf\":{\"@id\":\"https:\/\/www.cryptometer.io\/news\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.cryptometer.io\/news\/new-android-malware-steals-crypto-private-keys-from-screenshots\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.cryptometer.io\/news\/new-android-malware-steals-crypto-private-keys-from-screenshots\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.cryptometer.io\/news\/wp-content\/uploads\/2024\/09\/android-malware.jpg\",\"datePublished\":\"2024-09-07T05:24:17+00:00\",\"dateModified\":\"2024-09-07T05:24:21+00:00\",\"description\":\"A recent FBI warning highlights that North Korean hackers are increasingly targeting the cryptocurrency industry with sophisticated cyberattacks. One of\",\"breadcrumb\":{\"@id\":\"https:\/\/www.cryptometer.io\/news\/new-android-malware-steals-crypto-private-keys-from-screenshots\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.cryptometer.io\/news\/new-android-malware-steals-crypto-private-keys-from-screenshots\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.cryptometer.io\/news\/new-android-malware-steals-crypto-private-keys-from-screenshots\/#primaryimage\",\"url\":\"https:\/\/www.cryptometer.io\/news\/wp-content\/uploads\/2024\/09\/android-malware.jpg\",\"contentUrl\":\"https:\/\/www.cryptometer.io\/news\/wp-content\/uploads\/2024\/09\/android-malware.jpg\",\"width\":800,\"height\":450,\"caption\":\"android-malware\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.cryptometer.io\/news\/new-android-malware-steals-crypto-private-keys-from-screenshots\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.cryptometer.io\/news\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"New Android Malware Steals Crypto Private Keys from Screenshots\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.cryptometer.io\/news\/#website\",\"url\":\"https:\/\/www.cryptometer.io\/news\/\",\"name\":\"CryptoMeter.io\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/www.cryptometer.io\/news\/#organization\"},\"alternateName\":\"CryptoMeter.io\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.cryptometer.io\/news\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.cryptometer.io\/news\/#organization\",\"name\":\"CryptoMeter.io\",\"url\":\"https:\/\/www.cryptometer.io\/news\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.cryptometer.io\/news\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/i0.wp.com\/www.cryptometer.io\/news\/wp-content\/uploads\/2023\/01\/cropped-favicon_large.png?fit=512%2C512&ssl=1\",\"contentUrl\":\"https:\/\/i0.wp.com\/www.cryptometer.io\/news\/wp-content\/uploads\/2023\/01\/cropped-favicon_large.png?fit=512%2C512&ssl=1\",\"width\":512,\"height\":512,\"caption\":\"CryptoMeter.io\"},\"image\":{\"@id\":\"https:\/\/www.cryptometer.io\/news\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/x.com\/CryptoMeterIO\"],\"publishingPrinciples\":\"https:\/\/www.cryptometer.io\/news\/about-us\/\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.cryptometer.io\/news\/#\/schema\/person\/79113eacd105c71e5fa6019d028ca61e\",\"name\":\"Anish Khalifa\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.cryptometer.io\/news\/wp-content\/uploads\/2024\/04\/cropped-1-96x96.png\",\"url\":\"https:\/\/www.cryptometer.io\/news\/wp-content\/uploads\/2024\/04\/cropped-1-96x96.png\",\"contentUrl\":\"https:\/\/www.cryptometer.io\/news\/wp-content\/uploads\/2024\/04\/cropped-1-96x96.png\",\"caption\":\"Anish Khalifa\"},\"description\":\"Hi there! I'm Anish Khalifa, a passionate cryptocurrency content writer with a deep love for this ever-evolving industry. I've been writing about crypto for over 3 years now and I've been captivated by its potential to revolutionize the financial world.\",\"url\":\"https:\/\/www.cryptometer.io\/news\/author\/anishkhalifa\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"New Android Malware Steals Crypto Private Keys from Screenshots","description":"A recent FBI warning highlights that North Korean hackers are increasingly targeting the cryptocurrency industry with sophisticated cyberattacks. One of","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.cryptometer.io\/news\/new-android-malware-steals-crypto-private-keys-from-screenshots\/","og_locale":"en_US","og_type":"article","og_title":"New Android Malware Steals Crypto Private Keys from Screenshots","og_description":"A recent FBI warning highlights that North Korean hackers are increasingly targeting the cryptocurrency industry with sophisticated cyberattacks. One of","og_url":"https:\/\/www.cryptometer.io\/news\/new-android-malware-steals-crypto-private-keys-from-screenshots\/","og_site_name":"CryptoMeter.io","article_published_time":"2024-09-07T05:24:17+00:00","article_modified_time":"2024-09-07T05:24:21+00:00","og_image":[{"width":800,"height":450,"url":"https:\/\/www.cryptometer.io\/news\/wp-content\/uploads\/2024\/09\/android-malware.jpg","type":"image\/jpeg"}],"author":"Anish Khalifa","twitter_card":"summary_large_image","twitter_creator":"@CryptoMeterIO","twitter_site":"@CryptoMeterIO","twitter_misc":{"Written by":"Anish Khalifa","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"NewsArticle","@id":"https:\/\/www.cryptometer.io\/news\/new-android-malware-steals-crypto-private-keys-from-screenshots\/#article","isPartOf":{"@id":"https:\/\/www.cryptometer.io\/news\/new-android-malware-steals-crypto-private-keys-from-screenshots\/"},"author":{"name":"Anish Khalifa","@id":"https:\/\/www.cryptometer.io\/news\/#\/schema\/person\/79113eacd105c71e5fa6019d028ca61e"},"headline":"New Android Malware Steals Crypto Private Keys from Screenshots","datePublished":"2024-09-07T05:24:17+00:00","dateModified":"2024-09-07T05:24:21+00:00","mainEntityOfPage":{"@id":"https:\/\/www.cryptometer.io\/news\/new-android-malware-steals-crypto-private-keys-from-screenshots\/"},"wordCount":347,"publisher":{"@id":"https:\/\/www.cryptometer.io\/news\/#organization"},"image":{"@id":"https:\/\/www.cryptometer.io\/news\/new-android-malware-steals-crypto-private-keys-from-screenshots\/#primaryimage"},"thumbnailUrl":"https:\/\/www.cryptometer.io\/news\/wp-content\/uploads\/2024\/09\/android-malware.jpg","articleSection":["General News"],"inLanguage":"en-US","copyrightYear":"2024","copyrightHolder":{"@id":"https:\/\/www.cryptometer.io\/news\/#organization"}},{"@type":"WebPage","@id":"https:\/\/www.cryptometer.io\/news\/new-android-malware-steals-crypto-private-keys-from-screenshots\/","url":"https:\/\/www.cryptometer.io\/news\/new-android-malware-steals-crypto-private-keys-from-screenshots\/","name":"New Android Malware Steals Crypto Private Keys from Screenshots","isPartOf":{"@id":"https:\/\/www.cryptometer.io\/news\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.cryptometer.io\/news\/new-android-malware-steals-crypto-private-keys-from-screenshots\/#primaryimage"},"image":{"@id":"https:\/\/www.cryptometer.io\/news\/new-android-malware-steals-crypto-private-keys-from-screenshots\/#primaryimage"},"thumbnailUrl":"https:\/\/www.cryptometer.io\/news\/wp-content\/uploads\/2024\/09\/android-malware.jpg","datePublished":"2024-09-07T05:24:17+00:00","dateModified":"2024-09-07T05:24:21+00:00","description":"A recent FBI warning highlights that North Korean hackers are increasingly targeting the cryptocurrency industry with sophisticated cyberattacks. One of","breadcrumb":{"@id":"https:\/\/www.cryptometer.io\/news\/new-android-malware-steals-crypto-private-keys-from-screenshots\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.cryptometer.io\/news\/new-android-malware-steals-crypto-private-keys-from-screenshots\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.cryptometer.io\/news\/new-android-malware-steals-crypto-private-keys-from-screenshots\/#primaryimage","url":"https:\/\/www.cryptometer.io\/news\/wp-content\/uploads\/2024\/09\/android-malware.jpg","contentUrl":"https:\/\/www.cryptometer.io\/news\/wp-content\/uploads\/2024\/09\/android-malware.jpg","width":800,"height":450,"caption":"android-malware"},{"@type":"BreadcrumbList","@id":"https:\/\/www.cryptometer.io\/news\/new-android-malware-steals-crypto-private-keys-from-screenshots\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.cryptometer.io\/news\/"},{"@type":"ListItem","position":2,"name":"New Android Malware Steals Crypto Private Keys from Screenshots"}]},{"@type":"WebSite","@id":"https:\/\/www.cryptometer.io\/news\/#website","url":"https:\/\/www.cryptometer.io\/news\/","name":"CryptoMeter.io","description":"","publisher":{"@id":"https:\/\/www.cryptometer.io\/news\/#organization"},"alternateName":"CryptoMeter.io","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.cryptometer.io\/news\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.cryptometer.io\/news\/#organization","name":"CryptoMeter.io","url":"https:\/\/www.cryptometer.io\/news\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.cryptometer.io\/news\/#\/schema\/logo\/image\/","url":"https:\/\/i0.wp.com\/www.cryptometer.io\/news\/wp-content\/uploads\/2023\/01\/cropped-favicon_large.png?fit=512%2C512&ssl=1","contentUrl":"https:\/\/i0.wp.com\/www.cryptometer.io\/news\/wp-content\/uploads\/2023\/01\/cropped-favicon_large.png?fit=512%2C512&ssl=1","width":512,"height":512,"caption":"CryptoMeter.io"},"image":{"@id":"https:\/\/www.cryptometer.io\/news\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/CryptoMeterIO"],"publishingPrinciples":"https:\/\/www.cryptometer.io\/news\/about-us\/"},{"@type":"Person","@id":"https:\/\/www.cryptometer.io\/news\/#\/schema\/person\/79113eacd105c71e5fa6019d028ca61e","name":"Anish Khalifa","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.cryptometer.io\/news\/wp-content\/uploads\/2024\/04\/cropped-1-96x96.png","url":"https:\/\/www.cryptometer.io\/news\/wp-content\/uploads\/2024\/04\/cropped-1-96x96.png","contentUrl":"https:\/\/www.cryptometer.io\/news\/wp-content\/uploads\/2024\/04\/cropped-1-96x96.png","caption":"Anish Khalifa"},"description":"Hi there! I'm Anish Khalifa, a passionate cryptocurrency content writer with a deep love for this ever-evolving industry. I've been writing about crypto for over 3 years now and I've been captivated by its potential to revolutionize the financial world.","url":"https:\/\/www.cryptometer.io\/news\/author\/anishkhalifa\/"}]}},"jetpack_featured_media_url":"https:\/\/www.cryptometer.io\/news\/wp-content\/uploads\/2024\/09\/android-malware.jpg","_links":{"self":[{"href":"https:\/\/www.cryptometer.io\/news\/wp-json\/wp\/v2\/posts\/11348","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.cryptometer.io\/news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.cryptometer.io\/news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.cryptometer.io\/news\/wp-json\/wp\/v2\/users\/13"}],"replies":[{"embeddable":true,"href":"https:\/\/www.cryptometer.io\/news\/wp-json\/wp\/v2\/comments?post=11348"}],"version-history":[{"count":2,"href":"https:\/\/www.cryptometer.io\/news\/wp-json\/wp\/v2\/posts\/11348\/revisions"}],"predecessor-version":[{"id":11357,"href":"https:\/\/www.cryptometer.io\/news\/wp-json\/wp\/v2\/posts\/11348\/revisions\/11357"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.cryptometer.io\/news\/wp-json\/wp\/v2\/media\/11349"}],"wp:attachment":[{"href":"https:\/\/www.cryptometer.io\/news\/wp-json\/wp\/v2\/media?parent=11348"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.cryptometer.io\/news\/wp-json\/wp\/v2\/categories?post=11348"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.cryptometer.io\/news\/wp-json\/wp\/v2\/tags?post=11348"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}