The recently identified 'SparkKitty' Trojan is compromising smartphones and stealing sensitive information, potentially allowing hackers to access victims' cryptocurrency wallets, according to Kaspersky. This malware is hidden in apps related to crypto trading, gambling, and altered versions of TikTok. It is installed through misleading provisioning profiles and requests access to users' photo galleries. SparkKitty tracks changes, compiles a database of stolen images, and uploads them to a remote server. Kaspersky suspects the primary aim is to capture screenshots of crypto wallet seed phrases. Currently, the malware is mainly affecting users in China and Southeast Asia, but it could spread globally. TRM Labs reported that nearly 70% of the $2.2 billion in stolen cryptocurrency last year stemmed from infrastructure attacks, particularly involving private keys and seed phrases. SparkKitty is linked to the SparkCat spyware campaign, which also exploited user images. It has been found in both Android and iOS app stores, disguised as crypto-related tools and TikTok modifications. Read more AI-generated news on: https://app.chaingpt.org/news