Sparkkitty: A big warning has come out for smartphone users. A new mobile malware is spreading through fake apps on both sparkkitty Android and iOS platforms. This virus is stealing gallery photos, especially screenshots from users’ phones, which may have a recovery frame or other sensitive information of crypto wallet.
Cyber security experts say Sparkkitty has emerged as a serious threat, especially for those who manage digital properties on their mobiles. This malware comes in the appearance of real looking apps, but carries out dangerous activities in the background.
Sparkkitty has been identified as a Trojan virus, meaning that it introduces itself as a reliable app but does dangerous activities inside. Security researchers have found that this malware is hidden in many fake apps such as crypto converters, messaging apps and informal versions of social media app Tiktok.
Some cases have also come up where these infected apps were also present at the official app stores, which were later removed.
Sparkkitty is actually a mobile version of an old desktop malware Sparkcat, which previously targeted Macos and Windows Systems. Investigations conducted by Kaspersky’s research wing Securelist found that both malware have many similarities. It is a clear indication that cyber criminals have now focused their focus on mobile users, because people are now storing their financial information on smartphones.
As soon as a user installs a fake app in which sparkkitty is hidden, he asks for permission to access the phone’s gallery.
On Android devices it scans photos and extracts the recovery fray, QR code or other sensitive information in screenshots through text detection tools.
In the case of iPhone users, it bypasses the safety of the iOS system using common coding libraries and achieves access to gallery.
The main objective of Sparkkitty is to hack the crypto wallets of users. Many people save the recovery of their bitcoin as a screenshot of cryptocurrency wallets, which remain in gallery without any security. When these screenshots are stolen through this malware, the cyber attackers can easily recover the wallet using that information and steal the funds. The user does not even know.
Although this malware is still targeting users from Southeast Asia and China, but experts believe that its spread methods enable it to spread globally. In addition to the official app stores, Sparkkitty has also been spread through third party sites and pirated apps.
Its most dangerous thing is that these apps look real, they are fake but reliable looking icons, names and users reviews, which makes the common users cheat.
Cyber security experts recommend taking some important precautions to avoid dangers like sparkkitty:
Avoid sensitive information such as bank details, passwords or crypto wallet recovery fras in screenshots.
Write them in a safe place offline.
Allow the apps to the apps only when it is absolutely necessary.
Examine your phone’s app permission settings from time to time.
Remove such apps immediately which seem unknown or which are not needed.
Use Google Play Protect or any trusted mobile antivirus.
Always keep the device with the latest security updates.
