Summary: A malicious SDK named “Spark” has been found embedded in Android and iOS apps on the Google Play Store and Apple App Store, designed to steal cryptocurrency wallet recovery phrases through optical character recognition. This campaign, known as “SparkCat,” has led to over 242,000 downloads of the infected apps on Google Play, with many still available. Users are advised to uninstall affected apps immediately and to refrain from storing recovery phrases in screenshots for security reasons.
Affected: Android and iOS apps on Google Play Store and Apple App Store
Keypoints :
- Malicious SDK steers clear of user detection while extracting sensitive cryptocurrency information.
- Infected apps include Android and iOS versions with specific regional targeting based on languages.
- Kaspersky recommends uninstallation of infected apps and employing antivirus measures for device security.