Nostr Web Client

Malware has been found in both Google Play and Apple's App Store that uses optical character recognition to steal cryptocurrency wallet recovery phrases from users' photo galleries.

That's...kind of cool and an interesting attack vector. Don't take screenshots or photos of your wallet's recovery phrases.

https://m.slashdot.org/story/438433

Final 10mo ago 💬 3

iOS has per-image access permissions, #GrapheneOS has storage scopes. Please use these features. You shouldn't be saving copies of your seed phrase like this too.

nostr:nevent1qqsrajuuughnu3gm6xk00wuex8dcp3wjnagnjd8udgstz8kkvc2qvgqpz4mhxue69uhkummnw3ezummcw3ezuer9wchsygplwuxkt5a8vj5utj6s8tsj8e3wcavc45p4mqmw92qs7wrh5azmyspsgqqqqqqscec36h

Reply to this note

Please Login to reply.

Discussion

Arándano 10mo ago

But it is not clear to me which app is.. Is the Play Store with gallery access privileges? Or is it a malware app installed by the user?

Final 10mo ago

It's the malware app. Typical Android malware like this asks for invasive permissions to then abuse them. Play Services doesn't provide apps permissions on their behalf.

Vitor Pamplona 10mo ago

Android 14+ also has per-image access permissions and now no new updates can be made to apps that requests full access to all images like in the past.