Picture this: You’re scrolling through your photos, reminiscing about good times, and out of nowhere – BAM! Your bank account is suddenly empty. How did that happen, you wonder?
Well, my friends, welcome to the era of CherryBlos and FakeTrade, two cunning new forms of Android malware, discovered by Trend Micro, that can lift your passwords and other precious data from your photo album.
Let’s talk about CherryBlos first. Now, this malware, believe it or not, operates under the guise of an AI-powered cryptocurrency mining app known as SynthNet. The camouflage is so convincing that it successfully infiltrated the Google Play Store, deceiving users into downloading it. But the trickery doesn’t end there.
The crafty creators of CherryBlos went the extra mile to exploit social media platforms like Twitter and Telegram. They promoted this malicious app through posts and direct messages, luring unsuspecting users with the promise of a tech-savvy, crypto-rich future. All it takes is one click on that download link, and CherryBlos becomes an unwanted guest on your device.
How does CherryBlos steal your data?
Once installed, CherryBlos employs a sophisticated tactic known as “fake overlays.” If you’re wondering what that means, it’s just as devious as it sounds. Essentially, this malware can create a counterfeit screen that is a carbon copy of your legitimate banking or crypto apps.
When you enter your username and password, thinking you’re logging into your account, you’re actually typing them into the fake overlay created by CherryBlos. So, instead of accessing your account, you’re handing over your precious credentials to this digital pirate.
How CherryBlos can steal your passwords from images
It gets even more insidious. CherryBlos doesn’t limit itself to the data you actively input. It uses Optical Character Recognition, or OCR, to read…