Several harmful apps, available on the Google Play Store and Apple App Store, have been found to secretly steal cryptocurrency wallet recovery phrases.
The malware in the apps uses a technology known as Optical Character Recognition (OCR) to scan screenshots and notes for sensitive text.
The apps have been downloaded more than 2,40,000 times on Google Play alone.
If you’re using cryptocurrency or planning to store your assets, be aware of a growing threat that could compromise your digital wallet. Several harmful apps, available on the Google Play Store and Apple App Store, have been found to secretly steal cryptocurrency wallet recovery phrases, which are like passwords to your crypto assets.
SurveyThe malware in the apps uses a technology known as Optical Character Recognition (OCR) to scan screenshots and notes for sensitive text. The apps have been downloaded more than 2,40,000 times on Google Play alone, putting many unsuspecting users at risk.
Also read: Alert! Popular apps like Candy Crush and Tinder can expose your personal data to hackers
“We found Android and iOS apps that had a malicious SDK/framework embedded to steal crypto wallet recovery phrases, some of which were available on Google Play and the App Store. The infected apps were downloaded more than 242,000 times from Google Play. This is the first known case of a stealer being found in the App Store,” the popular cybersecurity company Kaspersky was quoted as saying in a Bleeping Computer report.
The malware works by searching for images containing sensitive information by using specific keywords in different languages depending on the region. While some of these apps may be targeted at particular regions, it’s possible that they could affect users globally.
In total, 18 Android apps and 10 iOS apps have been found to contain this malware. One such app, ChatAi for Android, had over 50,000 installs before being removed from the Google Play Store.
To make sure your device is safe, run a mobile antivirus scan to detect any remaining threats. In more severe cases, performing a factory reset might be necessary to completely remove the malware.
To protect yourself from this type of threat, avoid storing cryptocurrency wallet recovery phrases in screenshots or notes. Instead, save them in offline storage options such as encrypted USB drives, physical copies, or a secure, offline password manager.
Follow Us
Ayushi Jain
Tech news writer by day, BGMI player by night. Combining my passion for tech and gaming to bring you the latest in both worlds. View Full Profile
