Crypto wallets at risk as malware sneaks into the App Store – AppleInsider

Copyright © 2025 Quiller Media, Inc. All rights reserved.
A newly discovered malware campaign is stealing cryptocurrency from iOS users by exploiting vulnerabilities in apps available on the App Store.

Kaspersky researchers have discovered a malicious software development kit (SDK) called SparkCat hidden inside multiple apps on both iOS and Android. SparkCat is designed to steal cryptocurrency wallet recovery phrases using optical character recognition (OCR), allowing attackers to access and drain funds remotely.
Kaspersky has shared a list of MD5 hashes linked to the malicious SparkCat SDK, as well as BundleIDs for iOS apps. However, the company hasn’t revealed the full list of infected apps, leaving users in the dark about whether they’ve installed one.
While some, like ChatAi, have been identified, many remain unnamed, raising concerns that malware could still be lurking on users’ devices.
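Because the indicators are published as MD5 hashes and BundleIDs, an administrator can check an app inventory against them directly. The sketch below is an added example, not code from Kaspersky or AppleInsider; the inventory format is hypothetical and every indicator value is a constructed placeholder to be replaced with the values from the report.

```python
import csv
import io
import re

MD5_RE = re.compile(r"^[0-9a-f]{32}$")

# Placeholder indicators (constructed, NOT real IoCs): substitute the MD5
# hashes and BundleIDs from the published report.
IOC_MD5 = {"00000000000000000000000000000001", "not-a-hash"}
IOC_BUNDLE_IDS = {"com.example.placeholder.fooddelivery"}

# Constructed inventory export (hypothetical format): one row per installed app.
INVENTORY_CSV = """device,bundle_id,app_name,binary_md5
phone-01,com.example.placeholder.fooddelivery,Food App,AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
phone-02,com.example.notes,Notes,00000000000000000000000000000001
phone-03,com.example.mail,Mail,ffffffffffffffffffffffffffffffff
"""

def clean_hashes(values):
    """Normalize hashes to lowercase; return (valid_set, rejected_list)."""
    valid, rejected = set(), []
    for value in values:
        h = value.strip().lower()
        if MD5_RE.match(h):
            valid.add(h)
        else:
            rejected.append(value)  # malformed entry in the IoC list
    return valid, rejected

def find_matches(inventory_csv, ioc_md5, ioc_bundle_ids):
    """Return (device, app_name, reasons) for every inventory row hitting an IoC."""
    hashes, _ = clean_hashes(ioc_md5)
    # Compared case-insensitively to tolerate differences between exports.
    bundles = {b.strip().lower() for b in ioc_bundle_ids}
    hits = []
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        reasons = []
        if row["bundle_id"].strip().lower() in bundles:
            reasons.append("bundle_id")
        if row["binary_md5"].strip().lower() in hashes:
            reasons.append("md5")
        if reasons:
            hits.append((row["device"], row["app_name"], reasons))
    return hits

if __name__ == "__main__":
    for device, app, reasons in find_matches(INVENTORY_CSV, IOC_MD5, IOC_BUNDLE_IDS):
        print(f"{device}: {app} matched on {', '.join(reasons)}")
```

A clean result only means no listed indicator matched; as noted above, the full list of infected apps has not been published.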
The infected apps on Google Play had over 242,000 downloads, and SparkCat appears to be the first documented instance of crypto-stealing malware slipping through Apple’s App Store review process. It was initially found in a food delivery app called ComeCome, which was available in the UAE and Indonesia.
Researchers determined the malware has been active since at least March 2024, scanning users’ photo galleries for wallet recovery phrases and secretly uploading them to an attacker-controlled command-and-control (C2) server.

Unlike past malware that primarily spread through unofficial sources, SparkCat managed to slip into legitimate app stores, making it a more serious threat. It also communicates with attackers using a custom protocol built in Rust, an uncommon programming language for mobile apps.
Some of the infected apps seemed legitimate, like food delivery and AI-powered messaging apps, while others were likely created to bait users.
Apple has pulled the 11 iOS apps mentioned in Kaspersky’s report from the App Store. The company also found that these apps share code signatures with 89 others that were previously rejected or removed for fraud violations. The developers behind them have already had their accounts shut down.
Importantly, Apple users can decide if third-party apps can access sensitive data like Photos and other Apple services. When an app requests information from another app for the first time, a prompt appears explaining why. Users can change these permissions any time in Settings.
Like SparkCat, some malware strains also use OCR to extract text from images. Storing a recovery phrase as a screenshot or photo makes it an easy target for automated scanning tools used by attackers.
Check your installed apps regularly and delete anything that looks unfamiliar or unnecessary. Using a reputable mobile security app can help catch potential threats before they become a problem.
And if you think your wallet might be compromised, transfer your funds to a new one with a fresh recovery phrase, but only after making sure your device is clean.
That means deleting any suspicious apps, especially those flagged in security reports. It’s also a good idea to reset app permissions and clear cached data to remove any lingering threats.
Before restoring from a backup, ensure it doesn’t include any infected apps, as reintroducing malware is a common risk. After resetting, only reinstall essential apps from trusted sources to minimize risk.
Andrew is a writer and commentator who has been sharing his insights on technology since 2015. He has authored numerous online articles covering a range of topics including Apple, privacy, and security. Andrew joined …

Oh No!… Anyway…

What if you put your wallet key in your notes app? Will they be able to find that?

DMA .. DMA .. DMA .. thank goodness for level playing fields, shame that the quality standard has gone down. Ursula von der Leyen has bigger fish to fry this week.