Researchers from Kaspersky have identified malware being distributed within apps on both Android and iOS mobile storefronts. Dmitry Kalinin and Sergey Puzan shared their into a malware campaign, which they have dubbed SparkCat, that has likely been active since March 2024.
"We cannot confirm with certainty whether the infection was a result of a supply chain attack or deliberate action by the developers," the pair wrote. "Some of the apps, such as food delivery services, appeared to be legitimate, whereas others apparently had been built to lure victims."
The Kaspersky duo said SparkCat is a stealthy operation that at a glance appears to be requesting normal or harmless permissions. Some of the apps where the pair uncovered malware are still available to download, including food delivery app ComeCome and AI chat apps AnyGPT and WeTink.
The malware in question uses optical character recognition (OCR) to review a device's photo library, seeking screenshots of recovery phrases for crypto wallets. Based on their assessment, infected Google Play apps have been downloaded more than 242,000 times. Kaspersky says "This is the first known case of an app infected with OCR spyware being found in Apple’s official app marketplace."
Apple often promotes the rigorous security of the App Store, and while instances of malware appearing have been rare, this discovery is a reminder that the walled garden is not impervious to attacks.
This article originally appeared on Engadget at https://www.engadget.com/cybersecurity/kaspersky-researchers-find-screenshot-reading-malware-on-the-app-store-and-google-play-211011103.html?src=rss
Trending Products
SAMSUNG FT45 Sequence 24-Inch FHD 1080p Laptop Monitor, 75Hz, IPS Panel, HDMI, DisplayPort, USB Hub, Peak Adjustable Stand, 3 Yr WRNTY (LF24T454FQNXGO),Black
ASUS RT-AX88U PRO AX6000 Twin Band WiFi 6 Router, WPA3, Parental Management, Adaptive QoS, Port Forwarding, WAN aggregation, lifetime web safety and AiMesh assist, Twin 2.5G Port
Wi-fi Keyboard and Mouse Combo, MARVO 2.4G Ergonomic Wi-fi Pc Keyboard with Telephone Pill Holder, Silent Mouse with 6 Button, Appropriate with MacBook, Home windows (Black)
Acer KB272 EBI 27″ IPS Full HD (1920 x 1080) Zero-Body Gaming Workplace Monitor | AMD FreeSync Know-how | As much as 100Hz Refresh | 1ms (VRB) | Low Blue Mild | Tilt | HDMI & VGA Ports,Black
