Apps on Apple’s App Store are mostly considered safer than those found on Android smartphones. However, researchers at Kaspersky have probably burst this myth, as they have reported on new malware they discovered in App Store apps, which they suggest is the first known case for Apple users.
‘Spark Cat’ malware scans images to steal sensitive data: Here’s how it works
According to researchers at Kaspersky, multiple apps in both Google’s Play Store and Apple’s App Store have been infected with malicious code that lets cyberattackers empty crypto wallets. The malware, dubbed ‘SparkCat,’ employs Optical Character Recognition (OCR) technology to scan and identify text within images or screenshots stored on an iPhone or an Android smartphone.
The researchers have also confirmed that these infected apps were downloaded more than 242,000 times from Google Play by Android users in recent times, and it is now present in some App Store apps as well, including WeTink, AnyGPT, and ComeCome. Once downloaded, these infected apps request access to users’ photo libraries, which is often disguised as routine permission for chat support. After the access is unknowingly permitted, these apps scan stored images using an OCR plug-in based on Google’s ML Kit library.
One of the first apps to arouse suspicions of such activities was a Chinese food delivery app called ComeCome, which is still available on both iOS and Android. However, the researchers can’t confirm with certainty whether the infection was a result of a supply chain attack or was deliberately deployed by the app developers.
Discover the latest Business News, Sensex, and Nifty updates. Obtain Personal Finance insights, tax queries, and expert opinions on Moneycontrol or download the Moneycontrol App to stay updated!
Find the best of Al News in one place, specially curated for you every weekend.
Stay on top of the latest tech trends and biggest startup news.
