Apple and Google download malicious mobile applications from their app stores

Apple and Google have downloaded up to 20 applications from their relevant app stores after security researchers found that applications have been carrying malware to theft of data for almost a year.

Caspery Security Researchers said the malwareNamed Sparkcat, has been active in March 2024. Initially, researchers discovered the malicious framework in the food delivery app used in the United Arab Emirates and Indonesia, but later found the malware of 19 other, unrelated applications that they have been withdrawn Cumulatively downloaded more than 242,000 times through Google’s Play Store.

Using a code that is intended to capture text visible on the user’s display – known as optical character recognition (OCR) – Researchers have found that malware scan Restoration of cryptocurrency portfolio in various languages, including English, Chinese, Japanese and Korean.

Using malware to capture the victim’s recovery phrases, attackers can gain full control over the victim’s portfolio and steal their funds, the researchers have found.

Malware can also allow personal information from screenshots, such as messages and passwords, the researchers said.

After receiving the report from researchers, Apple downloaded compromised apps from the App Store last week, followed by Google.

“All identified applications have been removed from Google Play and developers are banned,” Google spokesman Ed Fernandez told TechCrunch.

The Google spokesman also confirmed that Android users are protected from known versions of this malware through the built -in Google Play Protect protection feature.

Apple did not reply to comment requests.

Kaspersky Rosemarie Gonzales spokesman told TechCrunch that while reported applications are downloaded from official application stores, telemetry data suggests that malware is also available from other websites and unofficial applications.