- AhnLab Security Intelligence Center (ASEC) has recently confirmed that the ViperSoftX attacker is using Tesseract to steal users’ image files.
- ViperSoftX is a malicious code that resides in the infected system and is responsible for executing the attacker’s commands or stealing cryptocurrency-related information.
- The newly discovered malware uses the open-source OCR engine, Tesseract, which supports extracting text from images using deep learning techniques.
- The malicious code used in the attack reads the images stored in the infected system and extracts strings using the Tesseract tool.
- If any strings related to passwords or cryptocurrency wallet addresses are found in the extracted text, the corresponding image is stolen.
- This attack technique has been observed for several years.
https://asec.ahnlab.com/ko/64931/