Dangerous ‘SparkCat’ Malware Discovered in Official App Stores, Targets Crypto Users

Security Flaw in DeepSeek AI Tool Leaves System Vulnerable to Attacks, Report Finds

  • Cryptocurrency wallet-targeting Malware discovered on iOS App Store for the first time, affecting multiple applications.
  • SparkCat malware campaign has infected apps with over 242,000 combined downloads on Google Play Store.
  • Malicious apps use OCR technology to scan device galleries for cryptocurrency wallet recovery phrases.
  • Affected applications include legitimate-appearing food delivery services and AI messaging apps.
  • Apple‘s App Store review process shows vulnerability despite claimed security measures.

A sophisticated malware campaign dubbed “SparkCat” has breached both Apple‘s App Store and Google Play Store security measures, targeting cryptocurrency users’ wallet recovery phrases through seemingly legitimate applications, security researchers at Kaspersky revealed today.

- Advertisement -

The campaign, active since March 2024, represents the first documented case of crypto-stealing malware successfully infiltrating Apple‘s typically stringent App Store ecosystem. Among the compromised applications, an Indonesian food delivery app called ComeCome accumulated over 10,000 downloads before detection.

The malware operates through a concealed SDK framework that employs optical character recognition (OCR) technology to scan users’ photo galleries for specific keywords related to cryptocurrency wallets. “What makes this Trojan particularly dangerous is that there’s no indication of a malicious implant hidden within the app,” Kaspersky researchers noted in their detailed analysis.

On the Google Play Store front, the impact appears more severe, with infected applications amassing over 242,000 downloads collectively. This breach occurs despite Google‘s recent efforts to enhance security, which resulted in blocking more than 2 million risky applications in 2024 alone.

Security experts recommend immediate removal of affected applications and advise against storing sensitive information in device galleries. Instead, users should employ secure password managers for storing critical credentials. For comprehensive device protection, experts suggest installing reputable antivirus software.

The emergence of SparkCat malware highlights an evolving threat landscape where cybercriminals increasingly target cryptocurrency assets through sophisticated social engineering and malware distribution techniques. Users should exercise heightened caution when downloading applications, particularly those requesting extensive device permissions or access to sensitive data.

✅ Follow BITNEWSBOT on Telegram, Facebook, LinkedIn, X.com, and Google News for instant updates.

Previous Articles:

- Advertisement -

Latest News

Pepe Meme Coin Drops 4.7% as Investor Interest Fades Further

Pepe meme coin dropped 4.7% in value over the past 24 hours, trading at...

WhatsApp Rolls Out AI Message Summaries with Advanced Privacy

WhatsApp introduces an AI-driven feature to summarize unread messages for users. The feature, called Message...

Opyl Turns to Bitcoin Treasury as Cash Crisis Deepens

Opyl Limited, an Australian biotech company, bought around 2 Bitcoin as part of a...

Theta Network Launches EdgeCloud Beta, Unveils Hybrid GPU Platform

THETA Network is launching the beta version of EdgeCloud’s hybrid edge-cloud computing platform on...

Australian Police Crack Down on Crypto ATM Scams, Contact 90 Users

Australian police contacted over 90 people linked to suspected criminal use of crypto ATMs.Victims...

Must Read

10 BEST Companies to Buy Hosting With Bitcoin And Crypto

If you are looking to buy hosting with bitcoin or cryptocurrency then you've come to the right place.I've done the research for you...