"The improved version of SparkCat for Android incorporates several obfuscation layers compared to previous iterations, including the use of code virtualization and cross-platform programming languages to sidestep analysis efforts."
"The iOS variant, however, takes a different approach as it scans for cryptocurrency wallet mnemonic phrases, which are in English, making it potentially broader in reach."
"SparkCat was first documented by Kaspersky in February 2025, highlighting its ability to leverage an optical character recognition (OCR) model to exfiltrate select images containing wallet recovery phrases."
"The updated variant of SparkCat requests access to view photos in a user's smartphone gallery in certain scenarios - just like the very first version of the Trojan."
Researchers have identified a new version of SparkCat malware on the Apple App Store and Google Play Store, targeting cryptocurrency users. The malware hides in benign apps and scans photo galleries for wallet recovery phrases. The iOS variant scans English phrases, broadening its reach, while the Android version focuses on Asian languages. SparkCat employs advanced obfuscation techniques and optical character recognition to exfiltrate sensitive information. The evolving nature of this malware indicates a sophisticated threat actor behind its development.
Read at The Hacker News
Unable to calculate read time
Collection
[
|
...
]