SparkKitty disguises itself as a cryptocurrency wallet app on Google Play and Apple App Store to infect devices.
Once installed, it gains access to your photo gallery and steals all images, including sensitive data like seed phrase screenshots.
Believed to be an evolved version of SparkCat malware that used OCR to extract crypto wallet phrases from saved screenshots.
A newly discovered malware called SparkKitty has recently been found stealing photos from infected devices. Posing as a fake crypto wallet app on Google Play and the Apple App Store, it is targeting Android and iOS devices. Experts warn that the malware poses a severe threat to people, as the photo galleries may contain some sensitive information. According to a report by Kaspersky, this new malware is a possible evolution of SparkCat, which was discovered earlier this year in January.
SurveyFor the unversed, SparkCat was found to use optical character recognition (OCR) to steal cryptocurrency wallet recovery phrases from images saved on infected phones. Here’s all you need to know about this SparkKitty malware and how it can steal your photos.
How does SparkKitty malware work?
As reported by Kaspersky, the malware is pretending to be an app related to cryptocurrencies, 币coin, on the iPhone app store, persuading users to install the app. When being installed, the app asks users to write down the wallet’s recovery phrase and store it in a secure, offline location. As many users take a screenshot of their seed phrase and save it on their phone, the malware indiscriminately steals all images from the infected device’s photo gallery.
While Kaspersky believes that the malware is targeting crypto SparkKittywallet seed phrases, the stolen data could also be used for extortion and other malicious activities if the images contain sensitive content.
Notably, on iOS, the malware requests access to the photo gallery; however, on Android, the malicious app requests storage permissions to access images. If permission is granted on iOS, the malware scans the gallery and exfiltrates any new or previously unuploaded images.
Also read: Google Pixel 9 price drops by Rs 12,000 on Flipkart: How to grab this deal
How to protect your data from being stolen by SparkKitty malware?
- If you have installed one of the infected applications, remove it as soon as possible.
- Avoid taking screenshots of the seed phrase or cryptocurrency wallet recovery phrases.
- If an app requests access to the phone’s photo library, avoid allowing access to the new or any suspicious app.
Follow Us
Himani Jha
Himani Jha is a tech news writer at Digit. Passionate about smartphones and consumer technology, she has contributed to leading publications such as Times Network, Gadgets 360, and Hindustan Times Tech for the past five years. When not immersed in gadgets, she enjoys exploring the vibrant culinary scene, discovering new cafes and restaurants, and indulging in her love for fine literature and timeless music. View Full Profile
