Crypto-stealing malware uses OCR to find info in victim’s photo libraries
A malicious software development kit (SDK) used in Android and iOS apps has been found to use optical character recognition to scan victims’ photo libraries, looking for cryptocurrency wallet IDs and recovery key information.
Any cryptocurrency information it finds hiding within the victim’s photo libraries is transmitted back to the operators, who then use it to gain access to and drain the wallets of their currency.
While not entirely unimaginable, this is a pretty novel attack method, and many people take photos of, for example, important information for safekeeping. Advances in OCR, including Apple and Google’s own machine learning algorithms, now make it trivial to search for certain content amongst thousands of photographs quickly.