Kaspersky researchers find malware to read screens on App Store and Google Play
Kaspersky researchers identify that malware is distributed in apps on both Android and iOS mobile showcases. Dmitry Kalinin and Sergei Puzan shared their In a malware campaign, which they called Sparkcat, which has probably been active since March 2024.
"We cannot confirm for sure whether the infection is the result of an attack on the supply chain or deliberate action by developers," The couple wrote. "Some of the apps, such as food delivery services, seemed legal, while others were obviously built to lure victims."
Kaspersky’s duo said Sparkcat is a stealing operation that seems to want normal or harmless permissions at a glance. Some of the applications in which the couple has found malware are still available for download, including the COMECOME and AI Chat Apps Anygpt and Wetink food supplies.
The malware in question uses optical character recognition (OCR) to review the library of the device photos, looking for pictures of phrases to restore crypto portfolios. Based on their evaluation, infected Google Play apps have been downloaded more than 242,000 times. Says Caspery "This is the first known case of an app infected with OCR Spyware, which is located on the official Apple market."
Apple often promotes the strict security of the App Store and although cases of malware occur, this discovery is a reminder that the wall garden is not impenetrable to attacks.
This article originally appeared on Engadget at https://www.engadget.com/cybersecurity/kaspersy-researchers-find-creenshot- Reading- Malware-on-Ap-Store-and-Google-Play-Play-11110 html? srccc = RSS
English