Beware: Android Malware Steals Credentials via OCR and Screenshots

July 28, 2023 at 03:31 PM

•

1 min read

Beware: Android Malware Steals Credentials via OCR and Screenshots — Photo: BleepingComputer

TL;DR Summary

Two new Android malware families, CherryBlos and FakeTrade, have been discovered on Google Play. CherryBlos is a cryptocurrency stealer that uses various tactics, including loading fake user interfaces and employing OCR to extract text from images, to steal cryptocurrency credentials and assets. It also acts as a clipboard hijacker for the Binance app, redirecting payments to the attackers' wallets. FakeTrade consists of 31 scam apps that trick users into watching ads, agreeing to premium subscriptions, or topping up in-app wallets without allowing them to cash out. Google has removed the reported malware apps from Google Play, but manual clean-ups may be necessary for infected devices.

Topics:technology #android-malware #cherryblos #cryptocurrency-theft #cybersecurity #faketrade #ocr

Share this article

New Android malware uses OCR to steal credentials from images BleepingComputer
Dangerous Android malware is stealing your passwords from screenshots — how to stay safe Tom's Guide
View Full Coverage on Google News

Reading Insights

Total Reads

Unique Readers

Time Saved

3 min

vs 4 min read

Condensed

83%

631 → 105 words

Want the full story? Read the original article

Read on BleepingComputer

JavaScript Required

tl;dr daily news requires JavaScript to be enabled. Please enable JavaScript in your browser settings.

Related Sources

Reading Insights