Malware-Infested Apps on Google Play & Apple Store Target 242,000 Users!
Hackers are hijacking apps on Google Play and Apple’s App Store, infecting 242,000 devices with malware that scans photos for crypto wallet secrets. Your funds could vanish with just one screenshot!
Kaspersky Labs says a new cybersecurity threat malware is making waves in the crypto space as malicious apps on Google Play and Apple’s App Store have reportedly infected over 242,000 devices.
According to Kaspersky Labs, these applications contain malware called SparkCat, which leverages Optical Character Recognition (OCR) technology to scan user images for crypto wallet recovery phrases, potentially leading to massive fund theft.
Malware Exploit Apps to Steal Crypto Wallets
Kaspersky analysts Sergey Puzan and Dmitry Kalinin revealed in a February 4 report that SparkCat operates by searching for images with specific keywords across multiple languages. Hackers gain full access to a crypto wallet once they identify its seed phrase, transferring funds without needing passwords.
According to Cointelegraph, the malware embedded in a software development kit (SDK), is designed to target both Android and iOS users. Notably, it uses Google ML Kit OCR to extract text from images, making it a powerful tool for stealing sensitive data. The report further highlights that SparkCat can access personal messages, passwords, and other confidential data stored in users’ galleries.
Kaspersky stated that some apps, like food delivery services, look legitimate, while others clearly aim to lure victims—for example, several AI-powered messaging apps from the same developer. The cybersecurity firm also found traces of Chinese-written comments within the malware’s code, hinting at its possible origins.
A user on X (formerly Twitter), @AGENDAv2014, reacted to the report, warning, “This is nothing new. Do not screenshot passphrases.”
A Growing Cyber Threat Across Industries
Kaspersky’s findings align with an earlier report from Cybertecwiz, which exposed similar malicious tactics used by hackers. The report disclosed that cybercriminals deploy various malware types, including Trojan-PSW, which steals login credentials; Trojan-Banker, which extracts payment data; and Trojan-Game Thief, which targets gaming accounts.
Between July 1, 2021, and June 30, 2022, Kaspersky detected over 3,705 unique malicious files affecting 6,491 users. These statistics emphasize the increasing threat posed by sophisticated cyberattacks across multiple industries.
While the origins of the SparkCat malware remain unclear, its impact has already raised alarms among security experts and crypto users.
