SparkCat Strikes: Sneaky Malware Nabs Crypto Wallets with Fake Apps!
SparkCat, the latest malware mischief, slinks through app stores, filching mnemonic phrases from crypto wallets using a sneaky OCR model. It lurks in apps pretending to be AI, food delivery, or Web3 services. The twist? This is one of the first times such a sneaky stealer has crept into Apple’s App Store.
Hot Take:
Looks like “SparkCat” isn’t just a cuddly name for a cat that loves fireworks, but a sneaky malware campaign that’s pouncing on your crypto wallets! With fake apps playing a game of cat and mouse, it’s time to keep your mnemonic phrases under lock and key instead of leaving them to the feline bandits of the cyber world.
Key Points:
- SparkCat malware uses fake apps on Apple and Google app stores to steal cryptocurrency wallet recovery phrases.
- It employs an OCR model to extract images containing mnemonic phrases from photo libraries.
- The malware uses a sneaky SDK called Spark, pretending to be an analytics module.
- Over 242,000 downloads of infected apps have taken place, targeting users mainly in Europe and Asia.
- An additional campaign, FatBoyPanel, targets Indian users, collecting sensitive data via fake apps on WhatsApp.
Already a member? Log in here