Cybersecurity researchers at Kaspersky have lucah tmruncovered a new and dangerous malware strain, which they believe has been active since at least Feb. 2024.
Dubbed SparkKitty, the malware is part of the broader SparkCat family — a line of Trojan horse programs designed to steal cryptocurrency from unsuspecting users. Kaspersky first discovered the original SparkCat malware in Jan. 2025, noting that it had already made its way onto both the Google Play Store and Apple’s App Store.
SEE ALSO: Scammers tricked TikTok users into downloading malware with AI videosLike many trojans, these malicious apps disguise themselves as legitimate software. In the crypto world, this can be especially risky. The researchers say that one such Android app, SOEX, posed as a messaging platform with cryptocurrency trading features. They say it racked up more than 10,000 downloads on Google Play before being flagged. Kaspersky researchers found a similar app on the iOS app store, as well as modified versions of the TikTok app posing as the real thing.
SparkKitty is specifically engineered to access users’ photo libraries. The reasoning being that many crypto users screenshot their recovery phrases — which are needed to restore access to their wallets — and store them in their camera rolls. By extracting these images, attackers can potentially gain full access to victims’ crypto accounts.
Malware like SparkKitty is built to scan for images that could be valuable to attackers. However, unlike its more targeted predecessor, SparkCat, SparkKitty isn’t especially selective — it scoops up a broad range of images and sends them back to the attackers, regardless of content, according to a detailed report on Secure List by Kapersky.
While the primary concern remains the theft of crypto wallet recovery phrases, broader access to users’ photo libraries opens the door to other risks, including potential extortion using sensitive or private images. That said, there appears to be no evidence that the stolen images have been used for blackmail or similar schemes.
Kaspersky reports that the malware campaign has primarily targeted users in Southeast Asia and China. Most of the infected apps were disguised as Chinese gambling games, TikTok clones, and adult entertainment apps, all tailored to users in those regions.
Topics Cybersecurity
Gluwa Partners With Lagos State Government to Digitize Agricultural Assets
Marco Rubio's attempt to hug Ivanka Trump is peak awkward
Prince George was not impressed at the Queen's birthday parade
Man promises to get Angela Merkel tattoo on his butt for 10,000 upvotes, delivers
XDB Staking Rewards Coming to DigitalBits Ecosystem
Rich guy Leo DiCaprio surrenders priceless art in wake of embezzlement scandal
'Thor: Ragnarok' director joins anti
Google Doodle honors first Native American physician
Family Fiesta
Carrefour drops dog meat from China stores, 5 years after it said it would
XPLUS Announces Dex Listing & Public Beta Launch of First SocialFi App
No, Wonder Woman wasn’t paid millions less than Superman
Man promises to get Angela Merkel tattoo on his butt for 10,000 upvotes, delivers
Scarlet Johansson and her grandma doppelg?nger finally hit the red carpet together
Pasadena Buddhist Temple’s Annual Obon Festival This Weekend
Barack Obama paid tribute to Jay
Study uncovers clever way to get people to eat their veggies
Japan to use cancer
Screening of ‘The Motel’ at JANM
Instagram outed this Filipino celeb before she was ready, but she rose above the haters
Honda to complete construction of first battery EV plant with partner Dongfeng · TechNode'Andor' showrunner explains 'the galaxy is watching'Meituan’s KeeTa becomes the secondBaidu terminates $3.6 billion deal to acquire YY Live · TechNodeXiaomi launches Weibo legal account amid unverified reports on upcoming car SU7 · TechNodeHow Trump bent the National Park Service to do his biddingA Most Baffling YearBook sale: Buy one get one 50% off select books at TargetBeijing unveils blueprint to boost energy load shifting from EV charging · TechNodeBaidu terminates $3.6 billion deal to acquire YY Live · TechNode Instagram promises to amplify smaller creators Gen Z mostly doesn't care if influencers are actual humans, new study shows Jets vs. Dolphins livestreams: How to watch NFL online Why should we care what celebrities like Taylor Swift and Billie Eilish say about Palestine? Saints vs. Giants livestreams: How to watch NFL online Get up to 90% off Kindle books ahead of the Amazon Book Sale A parent's guide to Skibidi Toilet: What is it and why is it so popular? LinkedIn now offers 3 online games Best pet camera deals: Save up to 35% off pet camera brands during Amazon Pet Day iPhone 13 deal: Get $60+ off the iPhone 13 at Best Buy
0.2259s , 9844.5625 kb
Copyright © 2025 Powered by 【lucah tmr】New malware scans photos on both Android and iOS devices,Global Hot Topic Analysis
