The FBI has issued a warning on SpyAgent, a new and advanced Android virus that was found by McAfee. Its purpose is to steal private keys for bitcoin from customers' handsets.

SpyAgent aims to steal private keys by scanning and extracting text from photos and screenshots saved on the device using optical character recognition (OCR) technology.

According to McAfee's research, malicious URLs transmitted via text messages are the primary vector for spreading SpyAgent.

Malware Pretending to Be Different Programs
Users are tricked into downloading a software that seems like a trustworthy tool when they click on these links. The websites that reroute them appear respectable.

The SpyAgent spyware, which infiltrates the phone's security once loaded, is really this app.

Malware sometimes takes the appearance of seemingly legitimate programs, such as those for banking, government, and streaming services.


It asks for access to your contacts, messages, and local storage when you install it, so it may steal your personal information.

According to McAfee, more than 280 malicious applications have been found to include SpyAgent, which is mostly aimed against consumers in South Korea.

Following the detection of yet another malware threat in August, this warning has been issued.

Passwords for MetaMask, IP addresses, and private keys to cold wallets are among the personal details targeted by the "Cthulhu Stealer," an infection that infects MacOS computers and similarly masquerades as legal software.

The same month that North Korean hacking outfit Citrine Sleet used a Google Chrome vulnerability that Microsoft found, they used it to establish phony cryptocurrency exchanges and bogus job applications.

Malware that stole private keys and could be managed remotely was installed as a result of these actions.

An official warning on North Korean hacking efforts was issued by the FBI due to the increase in these sorts of assaults; however, the vulnerability in Chrome has already been addressed.

To safeguard their digital assets from such advanced attacks, users should be cautious and not download programs or click on links from unfamiliar sources.

Scams Cost Crypto Projects $310M in August
The second-highest monthly total this year was $310 million, lost in August due to different vulnerabilities, representing a spike in crypto-related frauds.

The total loss came to $300.6 million, albeit $10.3 million of the stolen goods were recouped or returned in the end.

Of all the losses, over $293 million were caused by phishing attempts, making them the most destructive.

Two massive phishing assaults stole $238 million worth of Bitcoin and $55 million worth of DAI stablecoin.

In addition to phishing, August saw assaults on other cryptocurrency projects, resulting in significant losses.

One example is the theft of 4,040 ETH, or $9.85 million at the time, from the Ronin Network on August 6th. The network is an Ethereum Virtual Machine (EVM) sidechain.

Also, compared to prior months, August's losses of $1.2 million were reduced due to flash loan assaults, which is still a cause for worry.

Despite an uptick in phishing and other exploitative tactics, exit scam losses dropped sharply to $800,000 in August from over $3 million in July.

#FBI #Hack #ETH