⚠️ Cybercrime Alert: 🚨SparkKitty Malware on TikTok and Google Play Can Steal Your Cryptocurrency📱
🤖Kaspersky, a cybersecurity company specializing in threat detection and protection, has revealed a new mobile malware called SparkKitty targeting both iOS and Android devices.
💀SparkKitty is a sophisticated malware that spreads through Google Play, the App Store, and other platforms by posing as legitimate apps. It has appeared in iOS apps like 币coin, Android apps like SOEX (with over 10,000 installs), and fake versions of TikTok, gambling, and adult content apps.
🛠️ How It Works:
1. Infiltration: Poses as normal-looking apps to bypass store reviews.
2. Permissions Abuse: Requests access to your photo gallery.
3. OCR Scanning: Uses optical character recognition (OCR) to scan your screenshots and images for Seed phrases, Private keys or other sensitive crypto-related information.
4. Theft: Sends extracted data to attacker-controlled servers, enabling them to fully take over and drain your crypto wallets.
🌐SparkKitty is considered a successor to the earlier SparkCat malware campaign, showing increased sophistication in stealing crypto-related data. Beyond official app stores, it also spreads through third-party sites and fake apps, increasing the risk to users unaware of its presence.
Key advice to stay safe includes:
❌ Avoid storing crypto recovery phrases or sensitive info as photos on your device.
🔒 Use secure password managers or offline methods for storing seed phrases.
🛑 Limit app permissions, especially photo access.
🔄 Keep your device and apps updated.
🛡️ Install trusted security apps for malware detection.
By following these steps, users can better protect themselves against this growing mobile threat aimed at crypto holders. 🚀