2024-09-05 SPYAGENT Android Malware Stealing Crypto Credentials via Image Recognition / OCR Samples
2024-9-10 08:5:0 Author: contagiominidump.blogspot.com

2024-09-05 McAfee New Android SpyAgent Campaign Steals Crypto Credentials via Image Recognition 

McAfee Labs' analysis of the "SpyAgent" Android malware revealed a sophisticated use of Optical Character Recognition (OCR) for extracting sensitive information, particularly mnemonic keys for cryptocurrency wallets.

The malware captures images stored on infected devices and uploads them to a remote Command and Control (C2) server.

Server-side OCR processes these images to extract text, specifically targeting mnemonic recovery phrases. This extracted data is critical for accessing and potentially stealing cryptocurrency assets.

Once the OCR extracts the text, the information is organized and managed through an administrative panel on the C2 server. This indicates a high level of sophistication in handling the stolen data, allowing attackers to efficiently process and utilize the extracted information.


Article source: http://contagiominidump.blogspot.com/2024/09/2024-09-05-spyagent-android-malware.html