A newly discovered malware called SparkKitty has recently been found stealing photos from infected devices. Posing as a fake crypto wallet app on Google Play and the Apple App Store, it is targeting Android and iOS devices. Experts warn that the malware poses a severe threat to people, as the photo galleries may contain some sensitive information. According to a report by Kaspersky, this new malware is a possible evolution of SparkCat, which was discovered earlier this year in January.
For the unversed, SparkCat was found to use optical character recognition (OCR) to steal cryptocurrency wallet recovery phrases from images saved on infected phones. Here’s all you need to know about this SparkKitty malware and how it can steal your photos.
As reported by Kaspersky, the malware is pretending to be an app related to cryptocurrencies, 币coin, on the iPhone app store, persuading users to install the app. When being installed, the app asks users to write down the wallet’s recovery phrase and store it in a secure, offline location. As many users take a screenshot of their seed phrase and save it on their phone, the malware indiscriminately steals all images from the infected device’s photo gallery.
While Kaspersky believes that the malware is targeting crypto SparkKittywallet seed phrases, the stolen data could also be used for extortion and other malicious activities if the images contain sensitive content.
Notably, on iOS, the malware requests access to the photo gallery; however, on Android, the malicious app requests storage permissions to access images. If permission is granted on iOS, the malware scans the gallery and exfiltrates any new or previously unuploaded images.
Also read: Google Pixel 9 price drops by Rs 12,000 on Flipkart: How to grab this deal