Crypto wallet owners in Korea should be wary of a new type of mobile malware designed to steal seed phrases, warns the cybersecurity firm McAfee.
A seed phrase is a collection of 12 to 24 random words used to restore access to a crypto wallet.
McAfee researchers note the new malware threat, called SpyAgent, has disguised itself as more than 280 fake apps, posing as services ranging from banking to TV streaming to government and utilities.
The fake apps, which have been operating in Korea since the beginning of the year, scrape user data from texts, contacts and stored images and send the information to remote servers to be scanned for seed phrases.
McAfee blogger Sang Ryol Ryu says the malware spreads through phishing campaigns that utilize texts and social media messages to proliferate malicious links.
“The attackers behind these messages often pretend to be organizations or people you trust, tricking you into clicking on their links. Once clicked, these links take you to fake websites that look incredibly real, mimicking the appearance of legitimate sites. These deceptive sites usually prompt you to download an app, which is how the malware gets installed on your device. Be cautious and always verify the authenticity of any message or link before clicking.”
Don't Miss a Beat – Subscribe to get email alerts delivered directly to your inboxGenerated Image: Midjourney