{"id":1842,"date":"2025-02-08T05:03:26","date_gmt":"2025-02-08T05:03:26","guid":{"rendered":"https:\/\/serisec.com\/index.php\/2025\/02\/08\/screenshot-reading-malware-html\/"},"modified":"2025-02-08T05:03:26","modified_gmt":"2025-02-08T05:03:26","slug":"screenshot-reading-malware-html","status":"publish","type":"post","link":"https:\/\/serisec.com\/index.php\/2025\/02\/08\/screenshot-reading-malware-html\/","title":{"rendered":"Screenshot-Reading Malware"},"content":{"rendered":"\n<div>Screenshot-Reading Malware<\/div>\n<p> \t<BR><br \/>\n<BR><\/BR><br \/>\n    <!-- no image --><br \/>\n \t<BR><br \/>\n<BR><\/BR><\/p>\n<div>\n<p>Kaspersky is <a href=\"https:\/\/www.engadget.com\/cybersecurity\/kaspersky-researchers-find-screenshot-reading-malware-on-the-app-store-and-google-play-211011103.html\">reporting<\/a> on a new type of smartphone malware.<\/p>\n<blockquote>\n<p>The malware in question uses optical character recognition (OCR) to review a device\u2019s photo library, seeking screenshots of recovery phrases for crypto wallets. Based on their assessment, infected Google Play apps have been downloaded more than 242,000 times. Kaspersky says: \u201cThis is the first known case of an app infected with OCR spyware being found in Apple\u2019s official app marketplace.\u201d<\/p>\n<\/blockquote>\n<p>That\u2019s a tactic I have not heard of before.<\/p>\n<\/div>\n<p> \t<BR><br \/>\n <BR><\/BR><br \/>\n    Bruce Schneier<br \/>\n \t<BR><br \/>\n<BR><\/BR><br \/>\n<a href=\"https:\/\/www.schneier.com\/blog\/archives\/2025\/02\/screenshot-reading-malware.html\">Go to bruce schneier<\/a><br \/>\n \t<BR><br \/>\n <BR><\/BR><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Screenshot-Reading Malware Kaspersky is reporting on a new type of smartphone malware. The malware in question uses optical character recognition (OCR) to review a device\u2019s photo library, seeking screenshots of recovery phrases for crypto wallets. Based on their assessment, infected Google Play apps have been downloaded more than 242,000 times. Kaspersky says: \u201cThis is the [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[57,760,258,340,253,1],"tags":[87],"class_list":["post-1842","post","type-post","status-publish","format-standard","hentry","category-bruce-schneier","category-kaspersky","category-malware","category-smartphones","category-spyware","category-uncategorized","tag-bruce-schneier"],"_links":{"self":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts\/1842"}],"collection":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/comments?post=1842"}],"version-history":[{"count":0,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts\/1842\/revisions"}],"wp:attachment":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/media?parent=1842"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/categories?post=1842"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/tags?post=1842"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}