A new malware called SparkCat has been found to be stealing personal information of Android and iPhone users. The malware, spotted by Kaspersky, was found on the iOS App Store, where such threats have been rare until now.
This malware works by sneaking into your phone's gallery and stealing images, it looks for things like cryptocurrency wallet recovery phrases, passwords, or even private messages from screenshots. It uses an Optical Character Recognition (OCR) tool, which scans images for certain keywords and sends them off to cybercriminals.
While the malware has been downloaded more than 242,000 times from Google Play by Android users, we’re still not sure how many iPhone users have been affected. But the fact that it made it to the App Store is pretty concerning because, until now, Apple’s marketplace had been mostly safe from these kinds of apps.
Some of the apps known to be infected include the food delivery app ComeCome, and messaging apps like WeTink and AnyGPT. A few of these apps are still available for download on both Google Play and the App Store, so be cautious.
The malware has been active since March 2024, and the scary part is that these apps don’t look suspicious. Using them for their normal purpose can trigger the malware without any unusual behavior or extra permissions.
Discover the latest Business News, Sensex, and Nifty updates. Obtain Personal Finance insights, tax queries, and expert opinions on Moneycontrol or download the Moneycontrol App to stay updated!
Find the best of Al News in one place, specially curated for you every weekend.
Stay on top of the latest tech trends and biggest startup news.
