Kaspersky Lab specialists have discovered mobile malware, which they named SparCat and used by cybercriminals since March 2024. The malicious framework was identified in a food delivery app in the UAE and Indonesia, and later in 19 other unrelated software products. The company informed Apple and Google about this, which removed the dangerous software from their digital content stores.
Image Source: Kevin Ku / unsplash.com
Experts studied the code of the malicious application, as a result of which it was possible to establish that it was able to capture text displayed on the screen, as well as extract information from screenshots. The malware scanned image galleries on the victim’s device in search of key phrases designed to restore access to cryptocurrency wallets. It is noted that the software created by cybercriminals could process data in different languages, including English, Chinese, Japanese and Korean. With the help of malware, the attackers could access the victims’ cryptocurrency wallets in order to steal digital assets.
The researchers notified Apple and Google of the discovery of the malicious apps. Shortly after, the dangerous software products were removed from the App Store and Play Market. “All identified apps have been removed from Google Play and their developers have been blocked,” a Google representative commented on the matter. He also added that Android users were protected from known versions of the malware thanks to the Google Play Protect feature.