Search
loading

SparkCat Crypto Stealer Malware Infected Multiple Apps on Play Store, App Store

This is the first time that apps with cryptocurrency stealing malware have been detected on Apple's App Store.

Advertisement
Written by David Delima | Updated: 6 February 2025 14:47 IST
Highlights
  • A crypto stealer malware infected 28 apps for iOS and Android smartphones
  • The apps would detect wallet recovery phrases using OCR technology
  • The SparkCat malware was detected on both the App Store and Play Store
SparkCat Crypto Stealer Malware Infected Multiple Apps on Play Store, App Store

Recovery phrases can be used to gain access to crypto wallets

Photo Credit: Pexels/ Alesia Kozik

Several apps on the App Store and Google Play store were found to be infected with a crypto stealer malware by security researchers at Kaspersky. These applications reportedly included a malicious software development kit (SDK) that was designed to use optical character recognition (OCR) to steal "crypto wallet recovery phrases" from screenshots stored on a user's smartphone. It's also worth noting that this is the first time that apps with cryptocurrency stealing malware have been detected on Apple's App Store.

SparkCat Infected Apps Detected Crypto Wallet Recovery Phrases Stored Using Screenshots

In a detailed technical report published on Thursday, the researchers said that at least 18 Android applications were infected with the malicious SparkCat SDK, while the malicious framework was found in 10 iOS apps on the App Store. The cumulative download count on Android smartphones was over 2.42 lakh, according to the researchers.

Two of the infected apps on the Play Store (left) and App Store
Photo Credit: Kaspersky

 

Some of the infected applications appeared to be legitimate, while others (specifically messaging apps equipped with AI features) were published in order to tempt users to download the compromised application, as per the report. Meanwhile, Kaspersky said that some of the infected Android apps were still available to download via the Play Store at the time of publishing its report.

However, the researchers say that they cannot confirm whether the apps were infected by the developers on purpose, or whether they were impacted by a supply chain attack. Apple and Google have yet to publicly comment on the detection of these apps on their respective app stores.

Once installed on a user's device, these malicious apps would use a OCR technology to detect and extract text from images stored on the handset. Once the app detects a recovery phrase for a cryptocurrency wallet, it would upload the picture to an Amazon cloud server and send a message to the attacker's server to notify them when a recovery phrase is detected.

While Google and Apple have removed most of the apps detected by Kaspersky, users who have downloaded them will need to manually uninstall these applications. Meanwhile, it's worth storing recovery phrases for crypto wallets and accounts in a password manager, or an application that stores encrypted notes. This is considerably safer than keeping screenshots that are easily accessible to apps that have been granted the 'storage' or 'camera roll' permission.

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.

Further reading: SparkCat, Crypto Malware, Android Malware, iOS Malware, Crypto Stealers, Malware
 
Show Full Article
Advertisement

Latest Videos »

Tech News in Hindi »

More Technology News in Hindi »
Popular on Gadgets
Latest Gadgets
Popular Mobile Brands
#Trending Stories
  1. Oppo K13 Turbo Series Launched in India With Built-In Fan, 7,000mAh Battery
  2. Lava Blaze AMOLED 2 5G Launched in India With This Price Tag
  3. Flipkart Independence Day Sale 2025 Will Start on This Date
  4. Realme P4 Series To Launch in India On This Date; Price Range Revealed
  5. HTC Wildfire E4 Plus With 50-Megapixel Camera Launched: See Price
  6. You Now Have a Higher Usage Limit With ChatGPT-5, But Not for Long
  7. Oppo K13x 5G Review
  8. Tecno Spark Go 5G India Launch Date Revealed: Check Features, Availability
  9. You Can Now Use Grok 4 AI Model for Free, No Need for Subscription
  10. Honor X7c 5G With 50-Megapixel Camera Teased to Launch in India Soon
#Latest Stories
  1. Honor X7c 5G India Launch Teased; Confirmed to Debut With 50-Megapixel Camera
  2. Flipkart Independence Day Sale 2025 Date: Know More about Product Discounts and Bank Offers
  3. Tesla Opens First Experience Centre in New Delhi’s Aerocity; Four V4 Superchargers Established On-Site
  4. OpenAI Increases GPT-5 Thinking Usage Limit After Backlash from Users, But There's a Catch
  5. Apple's MacBook Pro With M6 Chip, OLED Display Could Launch by Early 2027: Mark Gurman
  6. Vivo Vision Mixed Reality Headset Launch Confirmed by Official; to Arrive as Apple Vision Pro Competitor
  7. Oppo Enco Buds 3 Pro Launched in India With Up to 54 Hours of Total Battery Life: Price, Specifications
  8. Microsoft Quietly Launches Copilot 3D as Experimental Feature, Turns 2D Images into 3D Models
  9. Lava Blaze AMOLED 2 5G With MediaTek Dimensity 7060 SoC Launched in India: Price, Specifications
  10. iQOO 15 Arrival Teased Again as iQOO Readies Launch of Next Flagship Smartphone
Gadgets 360 is available in
Follow Us
Download Our Apps
App Store App Store
Available in Hindi
App Store
© Copyright Red Pixels Ventures Limited 2025. All rights reserved.
Trending Products »
Latest Tech News »