Skip to main content

Dangerous new malware can scan photos on both Android and iOS devices, report says

By
Hacker in a blue hoody standing in front of a coding background with binary streams and information security terms cybersecurity concept

Cybersecurity researchers at Kaspersky have uncovered a new and dangerous malware strain, which they believe has been active since at least Feb. 2024.

Dubbed SparkKitty, the malware is part of the broader SparkCat family — a line of Trojan horse programs designed to steal cryptocurrency from unsuspecting users. Kaspersky first discovered the original SparkCat malware in Jan. 2025, noting that it had already made its way onto both the Google Play Store and Apple’s App Store.

SEE ALSO: Scammers tricked TikTok users into downloading malware with AI videos

Like many trojans, these malicious apps disguise themselves as legitimate software. In the crypto world, this can be especially risky. The researchers say that one such Android app, SOEX, posed as a messaging platform with cryptocurrency trading features. They say it racked up more than 10,000 downloads on Google Play before being flagged. Kaspersky researchers found a similar app on the iOS app store, as well as modified versions of the TikTok app posing as the real thing.

SparkKitty is specifically engineered to access users’ photo libraries. The reasoning being that many crypto users screenshot their recovery phrases — which are needed to restore access to their wallets — and store them in their camera rolls. By extracting these images, attackers can potentially gain full access to victims’ crypto accounts.

Malware like SparkKitty is built to scan for images that could be valuable to attackers. However, unlike its more targeted predecessor, SparkCat, SparkKitty isn’t especially selective — it scoops up a broad range of images and sends them back to the attackers, regardless of content, according to a detailed report on Secure List by Kapersky.

While the primary concern remains the theft of crypto wallet recovery phrases, broader access to users’ photo libraries opens the door to other risks, including potential extortion using sensitive or private images. That said, there appears to be no evidence that the stolen images have been used for blackmail or similar schemes.

Kaspersky reports that the malware campaign has primarily targeted users in Southeast Asia and China. Most of the infected apps were disguised as Chinese gambling games, TikTok clones, and adult entertainment apps, all tailored to users in those regions.



from Mashable https://ift.tt/0WclFNd
via IFTTT
Labels:

Comments

Post a Comment

Popular posts from this blog

Instagram accidentally reinstated Pornhub’s banned account

By
After years of on-and-off temporary suspensions, Instagram permanently banned Pornhub’s account in September. Then, for a short period of time this weekend, the account was reinstated. By Tuesday, it was permanently banned again. “This was done in error,” an Instagram spokesperson told TechCrunch. “As we’ve said previously, we permanently disabled this Instagram account for repeatedly violating our policies.” Instagram’s content guidelines prohibit  nudity and sexual solicitation . A Pornhub spokesperson told TechCrunch, though, that they believe the adult streaming platform’s account did not violate any guidelines. Instagram has not commented on the exact reasoning for the ban, or which policies the account violated. It’s worrying from a moderation perspective if a permanently banned Instagram account can accidentally get switched back on. Pornhub told TechCrunch that its account even received a notice from Instagram, stating that its ban had been a mistake (that message itse...
Post a Comment
Read more

California Gov. Newsom vetoes bill SB 1047 that aims to prevent AI disasters

By
California Gov. Gavin Newsom has vetoed bill SB 1047, which aims to prevent bad actors from using AI to cause "critical harm" to humans. The California state assembly passed the legislation by a margin of 41-9 on August 28, but several organizations including the Chamber of Commerce had urged Newsom to veto the bill . In his veto message on Sept. 29, Newsom said the bill is "well-intentioned" but "does not take into account whether an Al system is deployed in high-risk environments, involves critical decision-making or the use of sensitive data. Instead, the bill applies stringent standards to even the most basic functions - so long as a large system deploys it."  SB 1047 would have made the developers of AI models liable for adopting safety protocols that would stop catastrophic uses of their technology. That includes preventive measures such as testing and outside risk assessment, as well as an "emergency stop" that would completely shut down...
Post a Comment
Read more

If only your bike had a trunk. Oh wait, now it does.

By
Just to let you know, if you buy something featured here, Mashable might earn an affiliate commission. Biking is one of the best ways to get around, especially if you live in a city. It's quick, it's eco-friendly, and you get a bit of exercise.  If you already commute on two wheels or are thinking of starting, there's a storage device you kinda need. SEE ALSO: This bamboo keyboard combo adds a touch of tranquility to your workspace The Buca Boot is a pretty magical two-in-one hybrid: It’s a super secure storage box for your bike that works like the trunk of a car. You can lock your helmet or whatever else in it and leave it safely behind. It’s also a basket—open it up, and you can carry a bouquet of flowers and a baguette like the picturesque cyclist of your dreams.    Read more... More about Storage , Car , Bicycle , Trunk , and Cyclist from Mashable http://ift.tt/2eHNwLB via IFTTT
Post a Comment
Read more