A new threat in the field of cyber security is on the agenda. According to a study by Kaspersky, both the Apple App Store and the Google Play Store in some applications, users secretly read the screenshots of the crypto money wallet information was found. The name of this malware is defined as “Sparkcat .. This software, which affects the App Store, known for its strict security policies, uses the optical character recognition (OCR) technology that can produce text from images. According to Kaspersky’s data, such an attack is seen for the first time in the Apple ecosystem.
The working mechanism of malware is quite complex. Sparkcat demands access to the photo gallery, especially when users try to use the chat support feature in the application. If the user gives this access permission, the harmful code starts scanning the photos on the device. The main objective here is to seize the screenshots of crypto currency wallets, or screenshots with recovery statements. Malse software transmits these images to the attackers. In this way, easily access to users’ digital assets and crypto coins are stolen.
How does Sparkcat spread?
Sparkcat is spreading through some applications. According to Kaspersky’s findings, some of the applications that contain malicious software draw attention as artificial intelligence chat programs called “Wetink” and “Anygpt”. In addition, a meal delivery application called “ComECOME ı is also within the scope of this threat. It is stated that these applications seem to offer completely legitimate services to users. The interesting point is that these applications are still downloadable from the App Store and Google Play. Kaspersky emphasizes that this poses a serious risk for users.
There is no clear information about how this attack took place yet. Kaspersky officials say they cannot determine whether the malware is involved in supply chain attack, or whether they are directly integrated by developers. However, some Chinese comments and error messages in the code indicate that developers use this language. Such tips may be important to investigate the source of the attack. Cyber security experts point out that the issue should be examined in more detail.
Such threats are a great danger, especially for users who invest crypto money. Many users store wallet passwords and recovery statements in unaily places. If the screenshots get into the hands of malicious people, crypto beings can be stolen rapidly. For this reason, digital security measures need to be more attention than ever. It is recommended to store users’ passwords and other sensitive information in a reliable password manager.
Some basic steps can be taken to protect against cyber attacks. First of all, it is of great importance to make sure that the reliability of the applications you install on your device. In addition, it is necessary to carefully review the application permissions. Avoiding unnecessary access permits to applications may minimize the effect of malware. In addition, applying regular security updates is another important step.
Apple and Google side have not yet made an official statement on this issue. It can be said that the SPARKCAT case is a serious warning for the company, especially considering that Apple is an example in the sector in the sector. Similarly on Google side, the audit processes in the application store are expected to be reviewed. Such events once again demonstrate that technology giants should make security policies more strict.
Sparkcat malware is another example of rapidly increasing security threats in the digital world. Technology and financial sectors seem to develop stronger security measures against such attacks. It is important that users behave more consciously individually in terms of reducing the effect of such threats.