crypto for all
Join
A
A

Google Play & App Store Infected: This New Virus Threatens Your Crypto!

17h30 ▪ 3 min read ▪ by Eddy S.
Getting informed Scam

A new threat looms over the crypto world. According to a recent analysis conducted by Kaspersky, a malicious software named “SparkCat” integrates development kits (SDKs) used to create applications available on the Google Play Store and Apple’s App Store. This malware is specifically designed to extract recovery phrases from crypto wallets based on images stored on users’ devices, thus jeopardizing the security of their funds.

A crypto user has his data stolen by a hacker

Your cryptos may be in danger!

SparkCat operates by exploiting optical character recognition (OCR) to analyze images present on the infected device. It specifically looks for recovery phrases, which are essential for accessing crypto wallets. Once this information is obtained, attackers can take full control of the victims’ wallets and transfer funds to their own accounts.

This malware is disguised in the form of an analysis module named Spark, integrated into various applications. It uses an encrypted configuration file hosted on GitLab to receive commands and operational updates. Furthermore, the flexibility of SparkCat allows it to steal not only crypto recovery phrases but also other personal data stored in the user’s gallery, such as the contents of messages or visible passwords from screenshots.

Your 1st cryptos with Coinbase This link uses an affiliate program.

Since its emergence in March 2024, SparkCat has been downloaded around 242,000 times, primarily targeting users of Android and iOS in Europe and Asia. The infected applications vary, some being legitimate, like food delivery services, while others are specifically designed to lure victims, such as fake messaging apps with artificial intelligence features.

Since its emergence in March 2024, SparkCat has been downloaded around 242,000 times, primarily targeting users of Android and iOS in Europe and Asia. The infected applications vary, some being legitimate, like food delivery services, while others are specifically designed to lure victims, such as fake messaging apps with artificial intelligence features.
Infected applications by SparkCat, according to Kaspersky

How to protect yourself against SparkCat?

To protect against this threat, Kaspersky recommends that users do not store sensitive information, such as crypto recovery phrases or passwords, in the form of images or screenshots on their devices. It is advisable to use secure password managers to keep this crucial information. Additionally, it is essential to remove any suspicious or infected applications and keep devices updated with the latest security updates.

This discovery highlights the importance of increased vigilance when downloading applications. Even if they come from official sources, adopting good security practices to protect your crypto data is essential.

Maximize your Cointribune experience with our "Read to Earn" program! For every article you read, earn points and access exclusive rewards. Sign up now and start earning benefits.



Join the program
A
A
Eddy S. avatar
Eddy S.

Le monde évolue et l'adaptation est la meilleure arme pour survivre dans cet univers ondoyant. Community manager crypto à la base, je m'intéresse à tout ce qui touche de près ou de loin à la blockchain et ses dérivés. Dans l'optique de partager mon expérience et de faire connaître un domaine qui me passionne, rien de mieux que de rédiger des articles informatifs et décontractés à la fois.

DISCLAIMER

The views, thoughts, and opinions expressed in this article belong solely to the author, and should not be taken as investment advice. Do your own research before taking any investment decisions.