Kaspersky Reveals Chinese Malware Apps Targeting Crypto Recovery Phrases
Kaspersky uncovered SparkCat, a stealthy malware operation targeting crypto users. It infiltrated apps to steal recovery phrases from screenshots.
Kaspersky just revealed a giant malware operation dubbed SparkCat. The malware was placed on innocuous-seeming apps and searched users’ phones for crypto recovery phrases.
These apps could have successfully infected up to 242,000 people, but it’s not clear how much money SparkCat actually stole.
Kaspersky Reveals SparkCat
Kaspersky, one of the leading security firms, just identified a new data-stealing malware scheme called ‘SparkCat.’ The company has identified several similar malware attacks and security weaknesses over the last few years, building up a strong reputation.
Today, the firm found a new trojan targetting crypto users.
“Our experts have discovered a new data-stealing Trojan, SparkCat, active in the App Store and Google Play since at least March 2024. SparkCat leverages machine learning to scan image galleries, stealing cryptocurrency wallet recovery phrases, passwords, and other sensitive data hidden in screenshots,” the firm claimed.
According to Kaspersky, apps infested with the SparkCat malware were downloaded 242,000 times. These scammers used several fronts to attract new victims, hiding the malware in food delivery apps, AI chat clients, and other seemingly harmless programs.
These apps would access a user’s photo gallery, attempting to find their crypto wallet recovery phrases.
Kaspersky didn’t indicate how much money or crypto was stolen through SparkCat, but it was a highly sophisticated operation. It primarily targeted users in Europe and Asia, and the source code’s language led Kaspersky to conclude the perpetrators were Chinese.
The infected programs have subsequently been removed from app stores.
This incident is particularly noteworthy as crypto-related malware attacks were reportedly on the decline. Social media scams, particularly those involving meme coins, have netted huge returns using bold and well-constructed tactics.
However, Kaspersky’s research suggests that SparkCat ran a profoundly different operation.
As of now, it’s difficult to determine if SparkCat will be part of a new trend, as its efficiency is still being investigated. It managed to bypass an impressive amount of security and oversight protocols, but it nonetheless had a very indirect way of getting a payout.
The most insidious scams today use fake projects to prey upon investors’ greed. They don’t need this secrecy.
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
Trump’s Tariffs Ruled Illegal, Markets Breathe a Sigh of Relief
Elon Musk wraps up White House role, affirms DOGE’s ongoing journey
Share link:In this post: Elon Musk stepped down as head of DOGE because he reached the legal work limit. Musk said DOGE saved $175 billion, but some people questioned the real savings. Musk wants to focus on Tesla and SpaceX now and leave politics behind.
XBTO attains UAE license to offer digital asset custody and investment services
Share link:In this post: XBTO license in the UAE will allow it to offer crypto investment and custody services. The company is also seeking a license in the UK. XBTO was a participant in Abu Dhabi’s Hub71.
Bitget Adds B/USD1 Trading Pair. Come and grab a share of 80,428 B!
Trending news
MoreCrypto prices
More
