Enlarge (credit: Getty Images)

Security researchers have unearthed a rare malware find: malicious Android apps that use optical character recognition to steal credentials displayed on phone screens.

The malware, dubbed CherryBlos by researchers from security firm Trend Micro, has been embedded into at least four Android apps available outside of Google Play, specifically on sites promoting money-making scams. One of the apps was available for close to a month on Google Play but didn’t contain the malicious CherryBlos payload. The researchers also discovered suspicious apps on Google Play that were created by the same developers, but they also didn’t contain the payload.

Advanced techniques

The apps took great care to conceal their malicious functionality. They used a paid version of commercial software known as Jiagubao to encrypt code and code strings to prevent analysis that can detect such functionality. They also featured techniques to ensure the app remained active on phones that had installed it. When users opened legitimate apps for Binance and other cryptocurrency services, CherryBlos overlaid windows that mimicked those of the legitimate apps. During withdrawals, CherryBlos replaced the wallet address the victim selected to receive the funds with an address controlled by the attacker.

Permet d'extraire le texte d'une image (OCR)

Franchement, ça marche nickel Oo.

#GnomeFrog, #OCR, #LogicielLibre, #FreeSoftware, #Linux

Enlarge / Rewind reportedly lets you search your Mac's usage history for what you've seen, said, or heard. (credit: Rewind AI)

Yesterday, a company called Rewind AI announced a self-titled software product for Macs with Apple Silicon that reportedly keeps a highly compressed, searchable record of everything you do locally on your Mac and lets you "rewind" time to see it later. If you forget something you've "seen, said, or heard," Rewind wants to help you find it easily.

Rewind AI claims its product stores all recording data locally on your machine and does not require cloud integration. Among its promises, Rewind will reportedly let you rewind Zoom meetings and pull information from them in a searchable form.

In a video demo on Rewind.AI's site, the app opens when a user presses Command+Shift+Space. The search bar suggests typing "anything you've seen, said, or heard." It also shows a timeline at the bottom of the screen that represents previous actions in apps.