Summary: A malicious SDK named “SparkCat”, designed to steal cryptocurrency wallet recovery phrases using OCR technology, has been discovered in Android and iOS apps on the Google Play Store and Apple App Store. Over 242,000 downloads of infected apps have been recorded, and several of the apps remain available for download. The malware employs various techniques to extract sensitive information; users are urged to uninstall affected apps immediately and take precautions to protect their cryptocurrency.
Affected: Android and iOS apps on Google Play Store and Apple App Store
Key points:
- Malicious SDK named “Spark” embedded in apps to steal cryptocurrency wallet recovery phrases.
- Infiltrated apps downloaded over 242,000 times on Google Play; identified apps include Android ChatAi.
- Kaspersky advises uninstalling infected apps and avoiding storing wallet recovery phrases in screenshots.