"Android Malware Steals User Credentials Using Optical Character Recognition"

Researchers have uncovered malicious Android apps that use optical character recognition to steal credentials displayed on smartphone screens. The malware, dubbed CherryBlos by Trend Micro security researchers, has been embedded in at least four Android apps available outside of Google Play, particularly on sites promoting money-making scams. One of the apps was available on Google Play for nearly a month without the malicious CherryBlos payload. The researchers also found suspicious apps created by the same developers on Google Play, but they did not contain the payload. The apps concealed their malicious functionality with great care. This article continues to discuss findings regarding the CherryBlos malware. 

Ars Technica reports "Android Malware Steals User Credentials Using Optical Character Recognition"

Submitted by Anonymous on