Kaspersky warns of crypto-thieving malware hiding in app-making kits

Kaspersky Labs has dropped a bombshell and shared that some software development kits (SDKs) for Android and iOS apps are harboring malware that’s on the hunt for your crypto wallet recovery phrases.

Scanning screenshots and photos

Kaspersky analysts Sergey Puzan and Dmitry Kalinin revealed that this malware, dubbed SparkCat, gets cozy with your device and starts scanning your photos for those all-important recovery phrases. With those phrases, thieves can easily drain your crypto wallet faster than you can say “blockchain.”

In their report, the duo explained that once this malware is in play, it doesn’t just stop at recovery phrases. It can also swipe other personal data from your gallery: think messages and passwords that might just be chilling in your screenshots.

Kaspersky suggests you ditch the habit of keeping sensitive info in your screenshots or photo albums. Instead, they recommend using a password manager to keep your secrets safe.

Undercover agent

On Android devices, the malware sneaks in disguised as a Java component named Spark, which sounds harmless, right?

It even has an encrypted configuration file stored on GitLab to keep its commands and updates under wraps. Once it’s in, it employs Google’s ML Kit OCR technology to extract text from images, specifically hunting for recovery phrases that allow hackers to access crypto wallets without needing a password.

Kaspersky estimates that since its activation around March, this malware has been downloaded approximately 242,000 times, and it primarily targets users in Europe and Asia. It has infiltrated dozens of apps, both legitimate and fake, across the app stores.

What’s more, it uses Rust language features that are rarely found in mobile apps, making it tricky to spot.
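The two traits named above, ML Kit OCR and Rust code, are things a reviewer can look for when triaging an Android package. The script below is an added example, not code from Kaspersky's report: it flags APKs whose dex files reference ML Kit text recognition and whose native libraries look Rust-built. The marker strings, the function names and the sample APK are assumptions made for illustration, and a hit is a reason to look closer, not proof of infection.

```python
import io
import zipfile

# Assumed markers (not taken from the report): the ML Kit text-recognition
# package as it appears in dex type descriptors, and the "/rustc/" source
# paths that Rust toolchains normally leave in panic messages.
OCR_MARKER = b"com/google/mlkit/vision/text"
RUST_MARKER = b"/rustc/"


def triage_apk(apk):
    """Return which of the two traits an APK shows and where.

    `apk` is a path or a binary file object. Hits are review leads only:
    plenty of benign apps use OCR or ship Rust code.
    """
    report = {"ocr_dex": [], "rust_libs": []}
    with zipfile.ZipFile(apk) as zf:
        for info in zf.infolist():
            name = info.filename
            if name.endswith(".dex"):  # also covers classes2.dex, classes3.dex...
                if OCR_MARKER in zf.read(name):
                    report["ocr_dex"].append(name)
            elif name.startswith("lib/") and name.endswith(".so"):
                if RUST_MARKER in zf.read(name):
                    report["rust_libs"].append(name)
    # Both traits together is the combination the article describes.
    report["review"] = bool(report["ocr_dex"] and report["rust_libs"])
    return report


def build_sample_apk(with_ocr, with_rust):
    """Build a constructed, in-memory stand-in for an APK (not a real app)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        dex = b"dex\n035\x00" + b"Lcom/example/app/Main;"
        if with_ocr:
            dex += b"Lcom/google/mlkit/vision/text/TextRecognition;"
        zf.writestr("classes.dex", dex)
        so = b"\x7fELF" + b"\x00" * 16
        if with_rust:
            so += b"/rustc/0000/library/core/src/panicking.rs"
        zf.writestr("lib/arm64-v8a/libnative.so", so)
    buf.seek(0)
    return buf


if __name__ == "__main__":
    for ocr, rust in [(True, True), (True, False), (False, False)]:
        print(ocr, rust, triage_apk(build_sample_apk(ocr, rust)))
```

Stripped or path-remapped Rust binaries will not contain the `/rustc/` marker, so a clean result does not rule out Rust code.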

Behind the scenes

The bad news is that Kaspersky isn’t sure whether these infected apps were compromised through a supply chain attack or if developers intentionally included the Trojan.

Some of these apps look legit, like food delivery services, while others are clearly designed to trap unsuspecting victims with flashy AI features.

The origins of this malware remain unknown, but Kaspersky did find some Chinese comments buried in the code. This hints that the mastermind behind this digital menace might be fluent in Chinese.


Disclosure: This article does not contain investment advice or recommendations. Every investment and trading move involves risk, and readers should conduct their own research when making a decision.

Kriptoworld.com accepts no liability for any errors in the articles or for any financial loss resulting from incorrect information.
