Hackers are targeting apps on the App Store and Google Play Store with malware that steals information from screenshots saved on a device, according to Kaspersky researchers. The malware scans screenshots, extracts the text in them, and sends it to remote servers, potentially exposing content such as crypto wallet recovery phrases, login credentials, and payment details. The malware has infected apps including ComeCome, ChatAi, WeTink, and AnyGPT. Apple and Google have removed the infected apps and are reviewing their security procedures to avoid similar incidents in the future.
Lazarus Group hiding malware in GitHub and open-source packages
The North Korean hacking group Lazarus Group is using malware to steal cryptocurrency, according to SecurityScorecard’s STRIKE Team. The malware, named Marstech1, is planted in “undetectable”