Malicious Screenshot-Reading iOS Apps Uncovered in the App Store
Malicious Apps Hide in Plain Sight: Stealing Cryptocurrency through Screenshot-Reading Code
A New Era of Malware
Imagine opening a seemingly harmless app on your smartphone, only to have it silently steal your cryptocurrency. This nightmare scenario has become a harsh reality, as researchers at Kaspersky have discovered a new wave of malicious apps hiding in the Apple App Store and Google Play. These apps, infected with a malware campaign dubbed “SparkCat,” use Optical Character Recognition (OCR) technology to extract text from images, making it possible to steal sensitive information.
How it Works
The malicious code, developed in March 2024, triggers a request to access your photo gallery when you attempt to use chat support within the infected app. Once granted permission, the malware uses Google OCR tech to scan for screenshots of crypto wallet passwords or recovery phrases. Any images containing this information are then sent back to the attackers, who can use the stolen data to access your wallets and steal your cryptocurrency.
The Apps You Need to Avoid
Kaspersky has identified two AI chat apps, WeTink and AnyGPT, which seem to have been created for this malicious campaign and are still available for download on the App Store. Additionally, the company found the malicious code in a legitimate-seeming food delivery app called ComeCome, which is also still available for download.
What You Can Do
While Apple and Google have yet to comment on the issue, it’s essential to exercise caution when downloading apps from the App Store or Google Play. Always read reviews, check permissions, and be wary of unusual requests for access to your personal data. Stay informed about the latest security threats and take proactive steps to protect your digital assets.
The Future of Malware
As the landscape of malware evolves, it’s crucial to stay ahead of the curve. With the rise of OCR technology and the increasing use of AI in app development, the potential for malicious apps to hide in plain sight is growing. By staying vigilant and prioritizing security, we can reduce the risk of falling victim to these sophisticated threats.
