Kaspersky researchers have discovered a new malware campaign, named SparkCat, affecting apps on both Android and iOS platforms. This stealthy malware, active since March 2024, utilizes optical character recognition (OCR) to scan users’ photo libraries for sensitive screenshots, specifically targeting recovery phrases for cryptocurrency wallets.
Notably, some affected apps, including food delivery services, appeared legitimate, complicating the matter further. On February 6, Kaspersky reported that Apple had removed 11 compromised apps from the App Store, citing their shared code with previously rejected applications. Apple emphasized its commitment to security, reminding users that even the App Store can face threats. ️
While the malware has been downloaded over 242,000 times from Google Play, Kaspersky noted that this marks the first instance of OCR spyware found in Apple’s marketplace. This revelation serves as a cautionary tale about the potential vulnerabilities within seemingly secure ecosystems. ⚠️
