Kaspersky revealed that malicious apps hiding in Apple's and Google's app stores are using optical character recognition (OCR) technology to extract text from images to steal cryptocurrency. The malware, named 'SparkCat,' exploits permissions granted by users when accessing chat support in these apps. Kaspersky noted that the infected apps it found, including WeTink, AnyGPT, and the food delivery app ComeCome, were still available in app stores. It remained uncertain whether the infection resulted from a supply chain attack or was intentional on the developers' part.
Apps distributed through Apple and Google’s app stores are concealing malicious code that uses OCR technology to steal cryptocurrency.
Kaspersky identified 'SparkCat' malware in apps that exploit access to users' photo galleries to extract sensitive crypto information.
The malware triggers photo gallery access when users engage chat support in affected apps, capturing screenshots of crypto wallet passwords and sending them to attackers.
Kaspersky has not confirmed whether the infection resulted from a supply chain attack or deliberate developer actions, highlighting security loopholes in app distribution.