Trojan SparkKitty Stealing Crypto Wallet Data From Phones

Trojan SparkKitty, discovered by Kaspersky on June 24, 2025, embedded in mod TikTok and crypto applications, targets users in China and Southeast Asia, stealing images to obtain crypto wallet seed phrases. With Bitcoin priced at $106,000 (CoinGecko), this threat highlights cybersecurity risks in the crypto industry. The article provides a detailed analysis of the Trojan, market context, industry impact, and suggestions for investors.

Trojan SparkKitty and its modus operandi

#SparkKitty infects through crypto, gambling, and mod TikTok applications, distributed on the App Store, Google Play, and third-party websites. After installation via spoofed provisioning profiles, the Trojan requests access to the photo library, monitors changes, creates a local photo database, and uploads to a remote server. Kaspersky suspects the main objective is to find screenshots of seed phrases, allowing attackers to control crypto wallets.

#Trojan related to the SparkCat espionage campaign (detected in January 2025), using malicious SDK to capture seed phrase images via OCR technology. SparkKitty uploads all images indiscriminately, which can be processed later. It appears on both iOS and Android, joining malware like Noodlophile (embedded in AI tools) and LummaC2 (1.7 million thefts, dismantled in May 2025).

Market context and security risks

According to TRM Labs 2024, 70% of the $2.2 billion in crypto thefts come from infrastructure attacks, primarily through private key and seed phrase theft. The crypto market, with a capitalization of $3.2 trillion (CoinGecko), faces an increasing threat from malware. Incidents like SparkKitty emphasize user vulnerability, especially in China and Southeast Asia, where crypto trading is popular.

Investor suggestions

Crypto wallet security: Use hardware wallets (Ledger, Trezor) and avoid storing seed phrases on mobile devices. Do not download apps from unverified sources.

Cybersecurity investment: Projects like Project 11 have growth potential as threats like SparkKitty increase.

Focus on major assets: Bitcoin, Ethereum, and Solana are safe choices due to a strong ecosystem.

Caution with regulations: Monitor the GENIUS Act and SEC to assess impacts on crypto applications.

Risk warning: Crypto investment carries high risk due to significant price volatility.