SparkKitty, a dangerous new malware, is targeting mobile devices to compromise crypto wallets. It searches through users’ image data to uncover and steal seed phrases.
In recent cases, the malware infected phones through compromised apps, with several bait programs catering to lure crypto users. Thankfully, app store moderation has removed many of SparkKitty’s attack vectors.
How SparkKitty Targets Crypto Wallet Apps
Popular security firm Kaspersky identified this new malware today after months of observation across different mobile operating systems.
Earlier in February, the firm discovered SparkCat, an earlier iteration of this malware. After the previous discovery, the malicious developers repackaged this trojan through new apps.
According to the company’s full report, this piece of malware is specifically focused on targeting crypto users, especially in China and Southeast Asia.
Hackers embedded SparkKitty into crypto-related apps, like price trackers and messengers with crypto-buying functionality. One such compromised messenger, SOEX, was downloaded over 10,000 times before removal.
SparkKitty’s operators also branched out to include casino apps, adult sites, and fake TikTok clones. Even if a user downloaded a contaminated app, the malware wouldn’t automatically start looking for crypto.
Instead, the app would ostensibly function normally, asking for access to users’ photos. It would continue appearing normal even after gaining this permission.
In other words, this malware would repeatedly scan image data for signs of a crypto seed phrase, double-checking the compromised device periodically.
Kaspersky’s researchers have several reasons to believe that SparkKitty is an upgraded SparkCat. For example, they share several debug symbols, code construction, and even a few compromised vector apps.
However, SparkKitty is more ambitious than SparkCat. The earlier malware would focus on penetrating crypto security, while the upgraded version can compromise many types of sensitive data.
Nonetheless, SparkKitty’s main priority is still in uncovering seed phrases.
Overall, the best caution for users is never to store seed phrases digitally. Don’t even take a photo of it.
There’s no shortage of recent scams and malware that can compromise this password, thereby allowing attackers to steal all your crypto. It’s important not to give sketchy apps access to your devices, but it’s doubly vital to protect your seed phrase.
Disclaimer
In adherence to the Trust Project guidelines, BeInCrypto is committed to unbiased, transparent reporting. This news article aims to provide accurate, timely information. However, readers are advised to verify facts independently and consult with a professional before making any decisions based on this content. Please note that our Terms and Conditions, Privacy Policy, and Disclaimers have been updated.
Source: https://beincrypto.com/new-crypto-malware-mobile-devices-ios-android/