Cybersecurity firm Kaspersky has discovered a new malware that aims to steal crypto wallet seed phrases by infecting iOS and Android devices. Dubbed “SparkKitty,” the malware is targeting users in China and Southeast Asia in particular.
Kaspersky Uncovers New Wallet-Hijacking Virus “SparkKitty” Targeting China and Southeast Asia
According to Kaspersky researchers, after infecting mobile devices, SparkKitty secretly scans all images in users’ photo albums to detect recovery phrases for crypto wallets, which are usually stored as screenshots.
The virus spreads by disguising itself as legitimate applications, including:
- The app called “币 coin”, which is available on the App Store and tracks cryptocurrency information,
- There is a messaging app called “SOEX” that has been downloaded more than 100,000 on Google Play and claims to offer cryptocurrency trading features.
SparkKitty is thought to be related to the SparkCat malware, which was detected in January 2024. Research suggests that both viruses share similar characteristics and may have been developed by the same source. SparkKitty’s activities date back to at least early 2024.
Although the primary target is currently users from China and Southeast Asia, Kaspersky experts emphasize that the technical capabilities of the virus can pose a threat on a global scale.
Kaspersky announced that it had informed Google about the apps in question and that the apps had been removed from the stores.
Users are advised not to store wallet recovery phrases digitally, stay away from unknown apps, and use security software on their mobile devices.
*This is not investment advice.
Read the full article here
