A new mobile malware called SparkKitty is targeting Android and iOS devices to steal cryptocurrency wallet seed phrases and sensitive images. The malware has been found in apps on official app stores and is actively used for data exfiltration and potential malicious activities. #SparkKitty #Kaspersky
Keypoints
- SparkKitty is a mobile malware targeting both Android and iOS for stealing crypto wallet seed phrases and images.
- The malware has been distributed through official app stores and unofficial platforms since February 2024.
- On iOS, SparkKitty operates via fake frameworks and profiles, while on Android, it uses malicious modules triggered on app launch or user actions.
- The malware exfiltrates images containing text, device identifiers, and metadata, with some versions using OCR to target specific images.
- Users are advised to avoid storing seed phrases as images on mobiles and to scrutinize app permissions and sources diligently.