Image-reading malware found on Play Store, App Store apps: Report
The latest cybersecurity threat has emerged in the form of a malware-infected app that can scan images stored in a user’s phone to steal crypto wallet passwords. The malware, dubbed ‘SparkCat’, has been found on both Apple’s App Store and Google’s Play Store, according to a report by cybersecurity software firm Kaspersky.
The report revealed that the malware-infected apps, including food delivery app ComeCome and messaging apps like WeTink and AnyGPT, can access images stored in a user’s phone and scan them to identify crypto wallet passwords. Once the passwords are identified, the malware can use them to access the user’s crypto wallet and steal their digital assets.
Kaspersky discovered the malware-infected apps during a routine scan of the App Store and Play Store for malicious code. The company’s researchers found that the apps had been downloaded by thousands of users, making it a significant security risk.
The malware works by using a technique called “image-based password extraction”. This involves the app scanning images stored in the user’s phone for keywords related to crypto wallets, such as cryptocurrency logos or wallet addresses. Once the app identifies a potential password, it uses machine learning algorithms to extract the password from the image.
The impact of this malware is significant, as it can potentially compromise the security of crypto wallets and allow attackers to steal digital assets. This is particularly concerning given the growing popularity of cryptocurrencies and the increasing value of digital assets.
The report by Kaspersky highlights the need for users to be vigilant when downloading apps from the App Store and Play Store. Users should always read reviews and check the app’s permissions before installing it, and should be wary of apps that ask for excessive permissions or seem suspicious.
In addition, users should take steps to secure their crypto wallets, such as using strong passwords, enabling two-factor authentication, and keeping their wallets up to date with the latest security patches.
The discovery of this malware also highlights the need for app developers to prioritize security when creating apps for the App Store and Play Store. Developers should use secure coding practices, conduct regular security audits, and test their apps thoroughly to ensure they are free from malware.
The report by Kaspersky also raises concerns about the effectiveness of Apple and Google’s app review processes in detecting and removing malware-infected apps from their stores. The discovery of this malware suggests that there may be a need for more robust and frequent security checks to ensure that apps are free from malware before they are released to the public.
In conclusion, the discovery of the SparkCat malware is a significant security risk that highlights the need for users to be vigilant when downloading apps from the App Store and Play Store. It also emphasizes the importance of app developers prioritizing security and the need for more robust security checks to ensure that apps are free from malware before they are released to the public.
Source:
