In recent months, hackers have become increasingly aggressive in their efforts to steal cryptocurrencies. Since January alone, over $1.2 billion in crypto assets have been stolen. Reports indicate that a significant portion of these hacks can be traced back to North Korean actors. On September 3, the FBI issued a public service announcement to warn the crypto industry about these threats. Let’s delve into the types of malicious software you need to be aware of to safeguard your assets.
Alert for Android Users
Android users need to be particularly vigilant. McAfee, a leading software security firm, has identified a piece of Android malware called SpyAgent. This malware employs Optical Character Recognition (OCR) technology to scan your phone’s storage for images, including screenshots that may contain private keys. It is crucial to remember that decentralized wallets often advise against taking screenshots of your keys. Instead, you should write them down on paper for safekeeping.
According to McAfee Labs, SpyAgent is distributed through malicious links sent via text messages. These links often masquerade as updates for banking apps. Once installed, the malware requests full phone permissions, including access to photos and media. For example, you might receive a text message claiming that your banking app is outdated and needs an update. If you click on the provided link without verifying on the Play Store that the update is genuine, you could be directed to a webpage resembling your bank’s site. Downloading and installing the app from that page could grant hackers access to all your data.
The FBI has also warned the crypto community about sophisticated social engineering hacks. Malware like SpyAgent can disguise itself not only as banking apps but also as government applications or even games, making it even more dangerous.
Malware Attacks on macOS
macOS users should not consider themselves immune to these threats. In August, malware similar to SpyAgent, known as Cthulhu Stealer, was identified targeting macOS. This malware, like many others, disguises itself as legitimate software. Once downloaded, it can steal a wide range of personal information, including passwords for various accounts and wallets like MetaMask. Additionally, it can capture any private keys stored on the system and even the IP address of the user.
In the same month, North Korean hackers exploited a vulnerability in the Google Chrome web browser. They created fake websites that looked like legitimate crypto trading platforms to lure users into downloading malicious crypto wallets or trading apps.
What’s the Solution?
As hackers become increasingly interested in cryptocurrencies, the prevalence of malware attacks is on the rise. It is crucial for users of any device to download applications only from their original sources. Always verify the URL of the website before proceeding. Crypto users should never save images of seed phrases or type them into their computers or mobile devices. Pay close attention to what you are downloading and the websites you are visiting. Avoid downloading unknown applications.
The security of your crypto and personal information is ultimately your responsibility. Ensure that your devices remain free from malware to protect your assets.