Tuesday, November 5, 2024

Android owners warned over chilling attack that can leave accounts empty

Must read

MILLIONS of Android users are being warned of a chilling cyber threat that could raid their bank accounts, leaving them empty.

SpyAgent, has been identified as a new malware which runs the risk of draining all funds linked to a device’s wallet if tech users do this one thing.

2

Android users need to take note to ensure that their devices are not vulnerable to the malware threatCredit: Getty
Android owners have been warned over the threat which could see their bank accounts drained

2

Android owners have been warned over the threat which could see their bank accounts drainedCredit: McAfee

Android users who have taken screenshots identifying their cryptocurrency wallet recovery phrases could find themselves vulnerable to theft.

By using optical character recognition (OCR) technology, hackers employing the malware could use the cryptocurrency recovery phrase.

Also known as the seed phrase, the series of 12-24 words usually act as a backup key for a cryptocurrency wallet in the case of a lost device or forgotten password.

By stealing the backup phrase, the hacking technology could gain access to all of the funds linked to the device as threat actors could use the malware to restore a device’s wallet and steal the stored funds.

As recovery phrases can be difficult to remember, users are advised to note down the words and store them in a safe place.

But this could leave people vulnerable to online attack if they decide to take a screenshot and save the image on their device.

McAfee has previously identified at least 280 APKs which were traced to a malware operation distributed “outside of Google Play using SMS” or “malicious social media posts”.

This malware could exploit OCR to get hold of the recovery phrases stored on an Android device, hazarding a serious threat.

The Californian based Security Group has also seen attempts to transfer this use to exploit iOS devices meaning this type of attack could reach further tech consumers.

Whilst for Android devices, some applications have been found to appear similar to ones being used by South Korean and UK government services as well as dating or pornography sites to attract users before exploiting them.

Google reveals mega new AI features coming to Android

This is not the first time OCR technology has been used to steal data via images.

Last year, Trend Micro revealed two Android malware families being spread via Google Play that exploited similar tactics.

It comes as an iconic Android brand from the ’00s recently revealed a budget friendly device.

The Motorola phone even comes with free Bluetooth headphones.

Must-know Android tips to boost your phone

Get the most out of your Android smartphone with these little-known hacks:

Latest article