The SparkCat malware campaign has emerged as a significant threat, targeting cryptocurrency wallets through a suite of fake applications found on both Apple's and Google's app stores. Using optical character recognition (OCR) technology, this malware extracts wallet recovery phrases from users' photo libraries. The malicious apps, downloaded over 242,000 times, disguise themselves as various legitimate services, yet they exfiltrate sensitive information to a command-and-control server. Notably, this campaign marks one of the rare instances of such Android malware infiltrating Apple's ecosystem, sparking concerns over security practices in app distribution.
The SparkCat malware campaign uses fraudulent apps on app stores to steal cryptocurrency wallet recovery phrases, leveraging OCR to extract sensitive information.
Active since March 2024, SparkCat utilizes bogus apps on official and unofficial stores, masquerading as AI, food delivery, and Web3 services.