In its latest investigation report, McAfee warns about SpyAgent, a malware capable of stealing a seed phrase stored on its victim's Android smartphone. How does the program work and how to protect yourself from it?
SpyAgent, the malware that seeks to steal cryptocurrencies
In a report published Friday, McAfee antivirus teams detail how the SpyAgent, a recently identified malware targeting Android smartphonesThe goal of this malware is to steal any mnemonic phrases stored on the victim's phone, the famous 12 or 24 words symbolizing the private key of a crypto wallet.
To infect a phone, this program slips into fake applications promising various services, ranging from banking to streaming for example:
However, once installed, these fake apps secretly collect and send your text messages, contacts, and all stored images to remote servers. They often distract users with endless loading screens, unexpected redirects, or brief blank screens to hide their real activities.
💡 How to limit the risk of hacking through good practices?
To act, The malware will then request access to the device's contacts and imagesand would also be able to send phishing messages to registered contacts.
For now, South Korean users are said to be the main targets, and McAfee's research teams have identified more than 280 fraudulent applications embedding SpyAgent since last January.
Ledger: the best solution to protect your cryptocurrencies 🔒
How to protect yourself against such a risk?
In reality, such viruses are nothing new and have been present in the crypto ecosystem for several years. Last year, Charles Guillemet, Ledger's CTO, explained how they work in an interview.
However, whenever one of these malwares makes headlines, it is good to recall some security basics to protect yourself from such attacks. Thus, the most crucial point is the following: never store a private key or mnemonic phrase on your phone. This recommendation is also valid for a computer, or any other device capable of connecting to the Internet.
In this specific case, increased attention should also be paid to downloaded applications, especially when one of them does not come from the official Store, such as an APK file. If you are not completely sure of what you are installing, it is better to change your mind.
👉 Also in the news — Telegram CEO arrested: Messaging service reviews moderation policy
Finally, it is important to be vigilant about the permissions granted to an application. For example, a price tracker requesting access to the phone's images could be a point of distrust.
Cryptoast Research: Don't Spoil This Bull Run, Surround Yourself With Experts
Source: McAfee
The #1 Crypto Newsletter 🍞
Receive a daily crypto news recap by email 👌
What you need to know about affiliate links. This page may feature investment-related assets, products, or services. Some links in this article may be affiliate links. This means that if you purchase a product or sign up for a site from this article, our partner pays us a commission. This allows us to continue to provide you with original and useful content. There is no impact on you and you can even get a bonus for using our links.
Investing in cryptocurrencies is risky. Cryptoast is not responsible for the quality of the products or services presented on this page and could not be held responsible, directly or indirectly, for any damage or loss caused following the use of a good or service highlighted in this article. Investments related to crypto-assets are risky by nature, readers must do their own research before taking any action and only invest within the limits of their financial capacities. This article does not constitute investment advice.
AMF recommendations. There is no guaranteed high return, a product with a high return potential implies a high risk. This risk-taking must be in line with your project, your investment horizon and your ability to lose part of these savings. Do not invest if you are not prepared to lose all or part of your capital.
To go further, read our Financial Situation, Media Transparency and Legal Notices pages.