Kaspersky, a major player in the cybersecurity industry, has unmasked a novel virus named “SparkKitty.” Their target are the iPhone and Android users, as it goes through the respective photo albums to discover crypto wallet recovery phrases.
The main operation of SparkKitty is to look for photographs related to crypto wallets in one’s photo gallery. It has been reported that presently, it mainly affects the populations of China and Southeast Asia but the experts predict that soon it will reach the other parts of the globe.
What’s the procedure of its working?
According to Kaspersky, the SparkKitty virus invades smartphones and insidiously scans all the images saved on the device. Its ultimate aim is to find the photos of the crypto wallet recovery phrases that are usually 12 or 24 words and that users keep as backup.
Your completely free resource hub designed to boost your knowledge of cryptocurrencies
In case it gets hold of those words, the virus has the capability to transmit them to the criminals who in turn can access the wallet and get the funds.
SparkKitty Uses Masking To Hide Behind Fake Apps
The SparkKitty virus operates on the principle of disguise and makes the unsuspecting mobile apps its carriers. Amongst, one was “币 coin”, a cryptocurrency tracking app, which could be downloaded from the Apple Store.
The other imposter app was “SOEX”, which posed as a messaging and crypto trading site. Its popularity and reliability were falsely enhanced by its having over 100,000 downloads on Google Play.
SparkKitty was able to infiltrate compute phones disguising itself. Users who downloaded the apps were under the impression that they were getting protection but in reality, they were installing the malware. After revealing the risk, Kaspersky notified both Google and Apple. As a result, the fake apps have now been pulled off from the two companies’ stores.
