Kaspersky Uncovers the SparkKitty Malware Attacking iOS and Android Devices Via Fake Apps to Steal Sensitive Data Through Screenshots

Kaspersky’s SecureList researchers have now uncovered a new malware called SparkKitty which has now started attacking both iOS and Android smartphone devices. This malware is said to infect affected devices via fake apps, and steals sensitive information saved as screenshots.

Read more about it below.

SparkKitty Malware Attacks iOS and Android Devices

The SparkKitty malware has been identified as a stealthy Trojan virus that has been embedded within fake apps (like crypto-converters, gambling games, and trojanized versions of known apps), and it is not only being distributed via websites, but also on the App Store and Play Store itself. Notably, this malware is believed to be the mobile version of the SparkCat malware that targeted PC devices (Windows and MacOS) earlier, pointing out the attackers’ shift of strategy, and in a similar way the SparkKitty malware also by seeking the permission to the smartphone’s Gallery, captures images (screenshots) carrying sensitive data like cryptocurrency wallet recovery phrase and uses them to gain control over accounts.

So far, the malware has only targeted users in China and Southeast Asia, however a widespread global attack is possible as stated by experts. With fake but convincing logos, app names, and feedback, users are easily misled to download infected apps, and once the app gains access to the Gallery, all sensitive data will reach the attackers as mentioned above. Smartphone users are thus advised not to save sensitive data like account details, passwords, or recovery information as images or screenshots for convenience, but rather should note it down offline, and also be careful when downloading apps.