Risk Statement on Coin’s SparkKitty Virus Infection: Relevant Features Never Activated, User Data Always Secure

According to ChainCatcher, Kaspersky has disclosed a new type of virus called SparkKitty, which specifically targets screenshots of crypto users’ mnemonic phrases. Kaspersky pointed out that both applications it identified as spreading this malware are related to cryptocurrencies. One of them, named “币 coin,” disguised itself as a crypto information tracker and was once listed on the App Store.

币 coin has responded to the incident, admitting that it previously integrated a third-party SDK provided by a certain trading platform. However, the high-risk features in this SDK involving access to the photo album and image uploads were disabled from the outset and have never been activated or triggered, so user data has not been affected in any way. During testing, the 币 coin technical team discovered suspicious behavior in the SDK that attempted to induce users to enable photo album access and upload photos. They subsequently blocked the upload function entirely via the interface, ensuring that any potentially risky features could not operate. Currently, 币 coin has launched a comprehensive code security review and has pledged to upgrade its third-party SDK review and partner background check processes to prevent similar incidents from happening again.