Hackers are getting more and more aggressive towards stealing cryptos. They have stolen over $1.2 Billion in crypto since January. Reports suggest that most of these hacks are related to DPRK. The FBI has issued a Public service announcement on September 3, warning the crypto industry about North Korean hackers. Let’s explore what kind of softwares you should stay aware of.
Alert for Android Users
The software security firm McAfee has identified an Android malware called SpyAgent. It has an OCR or Optical Character Recognition and scans the phone storage for images including screenshots for private keys. Remember every decentralized wallet asks you not to screenshot your keys and better write them down for safe keeping on a piece of paper.
According to McAfee Labs, this malware is distributed using malicious links that are sent via text messages. These programs are disguised as banking apps and once installed asks for total phone permission including photos and media.
Assume getting a text message saying you are running an outdated version of your bank app, click here to update and enjoy the latest features. And instead of checking this info on playstore you just click on the link which opens a webpage similar to your bank’s website. You download and install the application and now all your data is accessible to hackers.
The FBI has also alerted the crypto community of highly tailored social engineering hacks. This malware plays similar to that. And these malware, they might be disguised not just like your bank app but some other government application or even a game.
Malware attacks on MacOS
If you use MacOS and think you can’t get such malwares on your system, think again. In August, similar to SpyAgent, a malware called Cthulhu Stealer was identified targeting MacOS. Like all malwares, it disguises itself as legitimate software. Once downloaded it will steal user’s private information that include all kinds of passwords. Apart from that it will also capture passwords for wallets like MetaMask and any other private key stored on the system along with the IP address.
In August, North Korean hackers used a vulnerability in Google Chrome web browser. They would then create fake websites disguised as legit crypto trading platforms and then lure the people to download a crypto wallet or trading app which was a malware.
What’s the solution
As Hackers are growing more and more interested in cryptocurrencies, these malware techniques are on the rise. It is very important for users of any device to download any application from its original source. You must check the url of the website. The crypto users at any cost must not save images of seed phrases or write them in your computer or mobile devices. Alway pay close attention to what you are downloading, what websites you are browsing and do not download unknown applications.
The security of your crypto and private information is your responsibility. Make sure to keep your devices malware free.
Credit: Source link