A recent security report reveals that certain Android and iOS apps on the Google Play Store and Apple App Store contain harmful software designed to steal cryptocurrency wallet recovery phrases. This malicious software development kit, named “SparkCat,” operates by using optical character recognition (OCR) to scan images on devices for sensitive information. Over 242,000 downloads of these infected apps have been recorded, with some still available for download. Users are urged to uninstall affected apps and consider using antivirus tools. It’s advised to avoid storing recovery phrases in screenshots and instead keep them in secure, offline locations. Security experts are monitoring the situation and seeking responses from Google and Apple about these apps.
Image shows cryptocurrency falling.
Recently, Kaspersky has uncovered a concerning trend involving malicious apps that can steal cryptocurrency wallet recovery phrases. These apps, available on the Google Play Store and Apple App Store, contain a harmful software development kit (SDK) known as “SparkCat.” This operation primarily targets users without the app developers’ knowledge.
The “Spark” malicious component embedded in the affected apps uses advanced technology like optical character recognition (OCR) to extract sensitive information. More than 242,000 downloads have been recorded for these apps on Google Play alone, marking this as the first known case of such malware affecting the Apple App Store.
Spark SDK stealing your crypto
The dangerous SDK appears in Android apps disguised as an analytics module. It utilizes an encrypted file stored online to receive commands and updates. For iOS devices, the harmful framework goes by various names and uses a Rust-based module for communication. The SDK searches for images containing recovery phrases by scanning the device’s photos, using different OCR models to read text in multiple languages.
The infected apps
Kaspersky has identified 18 infected Android apps and 10 iOS apps, some of which remain available for download. One notable Android app, ChatAi, was downloaded over 50,000 times before being removed. Users are urged to uninstall any suspicious apps immediately and run antivirus software on their devices.
It is crucial to avoid keeping cryptocurrency wallet recovery phrases in screenshots or digital formats accessible to malware. Instead, opt for safer methods like storing them on secure offline media or using reliable password managers that are not connected to the internet.
Stay vigilant and check the full list of affected apps to protect your assets. Kaspersky has reached out to both Apple and Google for comments on this alarming matter, and updates will be provided as they come in.
Stay safe and protect your cryptocurrency wallets.
Tags: cryptocurrency, malware, Kaspersky, SparkCat, cybersecurity, mobile apps, wallet recovery phrases.
Frequently Asked Questions About Apps Stealing Crypto Wallets
What should I do if I think my crypto wallet is stolen?
If you suspect your crypto wallet is stolen, act quickly. Change your passwords and enable two-factor authentication on your accounts. Notify your wallet provider and contact local authorities if needed.
How do I know if an app is safe to use?
Look for reviews and ratings on the app store. Check for updates and any security issues reported. Be cautious of apps asking for unnecessary permissions or personal information.
Can I recover stolen crypto if I act fast?
Recovering stolen crypto can be difficult. It’s important to report the theft to your wallet provider and law enforcement. They may not be able to get your crypto back, but they can help keep others safe.
Are there signs that an app might steal my crypto?
Yes, watch out for apps that ask for too much personal information or require you to give your private keys. Also, be cautious of apps with poor reviews or those that seem too good to be true.
How can I protect my crypto wallet from theft?
To protect your crypto wallet, use strong, unique passwords and enable two-factor authentication. Be careful about downloading unknown apps and regularly update them to fix security issues.
