Kaspersky Discovers SparkCat Malware Targeting Crypto Recovery Phrases

Kaspersky has identified a malware campaign named SparkCat that targets crypto recovery phrases stored in phone galleries. Key details include:

The malware infected approximately 242,000 users via food delivery and AI chat apps.
Active on Google Play and the App Store since March 2024.
Utilizes machine learning to scan images for sensitive data, including wallet recovery phrases and passwords.
Stealthy operation made financial impact difficult to assess.
Mainly targeted users in Europe and Asia with indications of Chinese origins behind the attack.
Affected apps have been removed from stores; however, concerns remain about future similar attacks.
Contrast to declining crypto-related malware attacks; rise in social media scams involving meme coins noted.

The SparkCat campaign highlights new strategies in cyber theft, focusing on user carelessness rather than direct deception.