New Malware SparkCat Targets Crypto Wallets on Mobile Apps
/ 1 min read
🪙✨ New Malware “SparkCat” Targets Crypto Wallets via Messaging Apps. Researchers at ESET have uncovered a malware campaign named “SparkCat,” which embeds malicious SDKs in both Android and iOS messaging apps to steal recovery phrases for cryptocurrency wallets. The malware, which has been downloaded over 242,000 times from Google Play, utilizes optical character recognition (OCR) to scan users’ image galleries for sensitive information. Notably, this is the first instance of such malware found in Apple’s App Store. The campaign employs sophisticated techniques, including the use of Rust programming language and obfuscation, making detection challenging. Users are advised to remove any infected apps and avoid storing sensitive information in their galleries to mitigate risks.
