Malware Steals Photos To Find Crypto Seed Phrases

Cybersecurity company Kaspersky has warned of newly discovered malware known as SparkKitty, which steals photos from infected devices in the hope of finding crypto seed phrases.

Kaspersky analysts Sergei Puzan and Dmitry Kalinin said on Monday that SparkKitty targets iOS and Android by infiltrating some applications in the Apple App Store and Google Play.

Once a device is infected, the malware steals all images in the photo gallery indiscriminately.

“Although we suspect that the main objective of the attackers is to find screenshots of a crypto wallet, other sensitive data could also be present in stolen pictures.”

Malicious applications focus on crypto themes

Two of the applications that Kaspersky found delivering the malware were crypto-focused. One, known as 币coin and marketed as a crypto information tracker, was in the App Store.

The second was SOEX, a messaging app with a “Crypto Exchange feature,” on Google Play.

SOEX was marketed as a messaging application with cryptocurrency functions. Source: Kaspersky

“This app has been uploaded to Google Play and installed more than 10,000 times. Google announced about it and removed the app from the store,” Puzan and Kalinin said.

A Google spokesman confirmed to Cointelegraph that the app had been removed from Google Play and the developer had been banned.

“Android users are automatically protected against this application, regardless of download source, by Google Play Protect, which is on by default on Android with Google Play,” the spokesman said.

Kaspersky analysts have also discovered cases where SparkKitty is delivered through casino applications, adult games and malicious TikTok clones.

SparkCat’s little brother

The malware is similar to SparkCat, which was identified during a Kaspersky investigation in January. That malware scans users’ images to find crypto wallet recovery phrases.

Both versions of the malware are probably from the same source, Puzan and Kalinin said, because they share similar functions and include similar file paths from the attackers’ systems.

“Although this is not technically or conceptually complicated, this campaign has been running since the beginning of 2024 and represents a significant threat to users,” Puzan and Kalinin said.

“Unlike the previously discovered SparkCat spyware, this malware is not picky about which photos it steals from the gallery.”

Main targets: Southeast Asia and China

The main targets of this malware campaign are users in Southeast Asia and China, Kaspersky found, because the infected applications include various Chinese games, TikTok clones and adult games.

“Judging by distribution sources, this spyware focuses primarily on users in Southeast Asia and China,” Puzan and Kalinin said.

“However, it has no technical restrictions to prevent it from attacking users in other regions,” they added.
