Vicious malware has infiltrated dozens of applications on Apple and Google stores. He would notably be able to read the screenshot content to recover sensitive information.
Kaspersky, the Russian company specializing in cybersecurity, has just launched an alert After discovering malware that infected dozens of applications The Apple App Store and Google Play Store. A disturbing news insofar as if this kind of infection is relatively common on the Google store, it is very rare services on Apple ELS services which have the reputation of being highly secure.
In practice, the malware named Sparkcat tackles users by scanning the screenshots saved on a smartphone to recover sensitive information – passwords, identifiers or even and cryptomonnaie portfolio recovery phrases – and send them to Pirate servers. Sparkcat has infected several applications that require access to the photos of the device when they first use. He then uses an OCR module (optical character recognition) which can analyze the images stored on a device and extract text from it.
Kaspersky has counted dozens of applications infected with Sparkcat, totaling more than 242,000 downloads on the Play Store. We find Comecomome, a food delivery app, Chatai, a Chatgpt copy, Wetink, a social network based on the Instagram model and operating in part with artificial intelligence. Most of them have been deleted from Apple and Google blinds from the alert.
To luetter against this type of malware, Kaspersjy recommends users to avoid taking screenshots containing sensitive personal information (crypto recovery sentences, passwords, safety codes) and also storing them on your device . And, of course, not to give access to photos to applications that do not use it.