Apple and Google have removed 20 apps from their respective app stores after cybersecurity researchers discovered that they had been infected with data-stealing malware for nearly a year.
According to Kaspersky, the malware, named SparkCat, has been active since March 2024. Researchers first detected it in a food delivery app used in the United Arab Emirates and Indonesia before uncovering its presence in 19 additional apps. Collectively, these infected apps had been downloaded over 242,000 times from Google Play Store.
The malware uses optical character recognition (OCR) technology to scan text displayed on a device’s screen. Researchers found that it targeted image galleries to identify keywords associated with cryptocurrency wallet recovery phrases in multiple languages, including English, Chinese, Japanese, and Korean.
By capturing these recovery phrases, attackers could gain complete control over victims’ wallets and steal their funds. Additionally, the malware could extract sensitive data from screenshots, such as messages and passwords.
Following Kaspersky’s report, Apple removed the infected apps from the App Store last week, and Google followed soon after.
Google spokesperson Ed Fernandez confirmed to This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: