New Android malware uses OCR to steal credentials from images

CherryBlos and FakeTrade, two new Android malware families, were spotted on Google Play with the intention of stealing cryptocurrency-related information and money or running scams. Trend Micro uncovered the new malware strains and found that they shared the same network infrastructure and certifications, indicating that the same threat actors were responsible for their creation.

The malicious apps spread through a number of avenues, including Google Play, phishing websites, social media, and shady shopping apps. The first instance of CherryBlos malware distribution was observed in April 2023. It took the shape of an APK (Android package) file that was advertised on Telegram, Twitter, and YouTube as AI tools or cryptocurrency miners.

New Android malware uses OCR to steal credentials from images

Solutions

Services

Services

Knowledge

Solutions

Industries

Contact

Invinsense

About

INDIA | Ahmedabad

SRI LANKA

KUWAIT

USA | New York

UNITED KINGDOM | London

Address

New Android malware uses OCR to steal credentials from images

28-Jul-23

Solutions

Services

Services

Knowledge

Solutions

Industries

Contact

Invinsense

About

INDIA | Ahmedabad

SRI LANKA

KUWAIT

USA | New York

UNITED KINGDOM | London

Address