Cybersecurity researchers at Kaspersky Labs have uncovered a dangerous new malware called ‘SparkCat’, hidden inside Android and iOS app development kits (SDKs). This malicious software is designed to scan images on infected devices, searching for crypto wallet recovery phrases, passwords, and private messages—allowing hackers to steal funds without even needing login credentials.
How Does SparkCat Work?
SparkCat is particularly dangerous because it targets sensitive information stored in images rather than traditional phishing attacks or password theft. It operates by:
🔹 Using Google’s ML Kit OCR technology to extract text from screenshots and images.
🔹 Scanning devices for recovery phrases and sensitive data stored in pictures.
🔹 Sending stolen information to attackers, giving them full access to crypto wallets.
The malware is embedded within legitimate and fake apps available on Google Play Store and Apple App Store, disguised as analytics modules.
Who’s Affected?
So far, around 242,000 devices have been infected, with most cases reported in Europe and Asia. The malware’s origin remains unclear, but code analysis suggests the developer is fluent in Chinese.
How Did It Spread?
Experts suspect the malware’s spread could be due to:
A supply chain attack—where hackers compromised trusted app-making tools.
Intentional embedding—where developers knowingly included the malware in apps.
What Should You Do?
With SparkCat actively stealing sensitive data, users are urged to take immediate action:
✅ Avoid storing crypto recovery phrases, passwords, or private data in images.
✅ Uninstall suspicious apps, especially ones requesting unnecessary permissions.
✅ Be cautious when granting apps access to your photo gallery.
✅ Regularly update your security software and perform device scans.
What’s Next?
Google and Apple have yet to respond to the findings, but security experts warn that this could be just the beginning of more sophisticated crypto-targeted malware. As crypto adoption grows, so do cyber threats—staying informed and practicing digital security is more important than ever.
Have you checked your phone for suspicious apps lately? Stay safe and protect your crypto!
