Crypto Catastrophe: Malicious SDKs Swipe Wallet Phrases from Popular Apps!

Beware of SparkCat! This malicious software development kit lurking in Android and iOS apps is sneakily stealing cryptocurrency wallet recovery phrases using optical character recognition. With over 242,000 downloads, it’s the ultimate cat burglar of the app world. Protect your crypto secrets and uninstall these apps before your wallet goes poof!

3P
Published: February 4, 2025 8:20 pmAdded: February 5, 2025 at 5:15 amAssembled by: The Editor
Pro Dashboard

Hot Take:

It looks like app stores are now the hottest clubs in town for cryptojackers to hang out. Who needs a heist movie when you can just download an app? With the SparkCat campaign, hackers aren’t just stealing hearts; they’re also taking your crypto! And just when you thought the cat was a cute metaphor, it turns out it’s been clawing at your wallet. Meowch!

Key Points:

  • Malicious SDK named “Spark” is found in Android and iOS apps.
  • Over 242,000 downloads of infected apps on Google Play.
  • First known case of a crypto-stealing SDK on the Apple App Store.
  • SDK uses OCR to extract crypto wallet recovery phrases from images.
  • Kaspersky identified 18 Android and 10 iOS affected apps.

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
powered by the NSA, er,  GDPR Cookie Compliance
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?