Crypto-Stealing Apps Found in Apple App Store: What to Do if You’ve Installed Them
In a disturbing new development, Kaspersky researchers have uncovered malicious apps in both the Apple App Store and Google Play Store, designed to steal cryptocurrency wallet recovery phrases using optical character recognition (OCR) plugins. This marks the first time such malware, named "SparkCat," has been discovered in the Apple App Store, although it has been active since March 2024 and previously found on Google Play, where it was downloaded over 242,000 times.
The SparkCat malware uses the Google ML Kit library to scan device galleries for sensitive information, including recovery phrases for cryptocurrency wallets. Once it detects relevant text, the malware sends these images to a remote server controlled by hackers. Both Android and iOS versions of the malware work similarly, using OCR technology to steal private data.
If you’ve installed one of these infected apps, Kaspersky recommends uninstalling it immediately and avoiding the use of the app until a patch is released. It's also essential not to store sensitive information, like cryptocurrency recovery phrases, in your device gallery to reduce the risk of exposure.
As cyber threats targeting cryptocurrency holders continue to evolve, users must remain vigilant and take proactive measures to protect their digital assets.
