SparkCat Malware Targets iOS Apps via OCR Tech
Researchers at Kaspersky have discovered SparkCat, a new iOS malware found in suspicious App Store apps. This malware uses Optical Character Recognition (OCR) to scan screenshots for sensitive information, particularly crypto wallet recovery phrases, enabling attackers to steal Bitcoin and other digital assets.
How SparkCat Works
Infected apps, including ComeCome, WeTink, and AnyGPT, use Google’s ML Kit OCR plug-in to analyze images. Upon detecting a crypto wallet-related screenshot, the malware sends the data to an attacker-controlled server. Active since March 2024, SparkCat extends similar attacks previously seen on Android and PC to iOS.
Risks and Prevention
These apps request access to photos and scan them for sensitive text, posing a risk to user privacy. Some remain in the App Store, primarily targeting users in Europe and Asia. While focused on stealing crypto details, they could also capture other private data like passwords. Despite Apple’s security measures, SparkCat bypassed app checks, highlighting the increasing sophistication of malware. Kaspersky advises against storing sensitive screenshots in the Photo Library.
For more details, visit Kaspersky’s website.