Fast Feed

iOS App Store apps with screenshot-reading malware found for the first time

1 min read

Summary

  • cyber security company Kaspersky has found cryptocurrency stealing malware in apps on both Apple and Google’s app stores
  • The ‘SparkCat’ malware triggers a request for access to the user’s photo gallery when they try to use chat support, according to Kaspersky, which first discovered the malware in late 2024.
  • Once the malware has access to the photos, it uses Google’s Optical Character Recognition to find screenshots of crypto wallet passwords and recovery phrases, which are then sent back to the attackers.
  • So far, the malware has been found in two AI chat apps on Apple’s App Store, WeTink and AnyGPT, and a food delivery app called ComeCome, which are all still available.
  • Kaspersky couldn’t confirm whether the apps had been victim to a supply chain attack or whether the developers deliberately included the malware.

Original Article

Backlinks