SparkCat Malware Found in SDKs, Threatens Crypto Security

Key Points:

  • SparkCat malware extracts crypto wallet mnemonics via OCR.
  • Around 242,000 devices are infected with SparkCat malware.

Kaspersky found SparkCat malware in SDKs on Google Play and App Store. It uses OCR to steal crypto wallet mnemonics, infecting 242,000 devices.

Kaspersky Uncovers SparkCat Malware in SDKs on App Stores

Kaspersky has found the SparkCat malware hiding in SDKs on both Google Play and the Apple App Store. These SDKs, which developers use to generate revenue, contain malicious code that enables the infection of a device.

SparkCat uses OCR technology to look for crypto wallet recovery phrases in images stored on the infected device.

Whether the malware was intentionally embedded by developers or introduced through a supply chain attack remains uncertain. Kaspersky advises developers to inspect their SDKs and recommends that users avoid storing sensitive data in photo galleries and use secure password managers instead.

Over 240,000 Devices Infected by SparkCat Malware

SparkCat has infected around 242,000 devices, primarily targeting Android and iOS users in Europe and Asia. The malware scans images for crypto wallet recovery phrases to steal digital assets.

SparkCat's wide attack surface shows how vulnerable the app distribution platforms are. People are advised to remove suspicious apps from their systems, lock down their wallets, and, if possible, shift to hardware wallets for added security.
