SparkKitty spyware caught stealing photos on iPhone and Android — and the reason might surprise you

Tom's Guide, 6 days ago

Whether you use an iPhone or an Android phone, chances are, there's plenty of sensitive personal and financial information on your smartphone. While hackers have been known to go after your passwords, there's a new malware strain making the rounds online that also has your photo library in its sights.
As reported by BleepingComputer, both the best iPhones and the best Android phones are currently being targeted in a new campaign that uses SparkKitty to steal all of the images from an infected device.
According to the cybersecurity firm Kaspersky, this campaign has been active since February of last year. However, what sets it apart is the fact that the malware in question found its way onto both Apple's App Store and the Google Play Store.
If you thought the hackers behind this campaign were after your selfies, think again. Instead, they're looking for screenshots of crypto wallet seed phrases. For those unfamiliar, these very important phrases are the only way you can regain access to a crypto wallet if you forget your password. With them in hand though, hackers can easily drain all of your digital currency and good luck trying to get it back.
Here's everything you need to know about this new campaign along with some tips and tricks on how you can avoid having your Android phone or even your iPhone come down with a nasty malware infection.
Just like with many other malware campaigns, this one uses malicious apps to establish a foothold on targeted devices before infecting them with SparkKitty.
In its report on the matter, Kaspersky explains that the hackers behind this campaign used the SOEX messaging app, which also has cryptocurrency exchange features, to target Android users directly on the Google Play Store. Meanwhile, on iPhone, they used the 币coin app on Apple's App Store to achieve the same thing.
While Google has already removed the SOEX app from the Play Store, at the time of writing, the 币coin app is still up on the App Store and has yet to be removed by Apple. Either way, if you downloaded either of these apps, you should manually delete them right now.
At the same time, Kaspersky also found modded TikTok clones with fake online cryptocurrency stores as well as gambling apps, adult-themed games and casino apps distributing the SparkKitty malware. However, instead of being available on an official app store, these apps had to be sideloaded.
On iOS, SparkKitty is embedded as fake frameworks or delivered via enterprise provisioning profiles, whereas on Android, the malware is embedded in both Java and Kotlin apps. On an iPhone, the malware is automatically executed when an app starts, but on Android, it's triggered when an app launches or when a specific action, like opening a certain screen type, takes place.
To gain access to a victim's photo library on an iPhone, SparkKitty requests access to the photo gallery. On Android, the malicious app used to install the malware prompts the user to grant storage permissions so that it can access any images stored on their device. Either way, once installed, the malware begins exfiltrating both existing pictures and any new ones taken on an infected phone.
From there, the malware goes through all of these stolen images, specifically looking for screenshots of crypto wallet seed phrases. When you sign up for a new crypto wallet or exchange, you're given a seed phrase and told to write it down to store it for safekeeping.
Although taking a screenshot seems like a fast and practical way to do this, this campaign and others like it show just how dangerous doing this can be. This is why old-fashioned paper and pen is the best way to store your seed phrases. However, you should also store them under lock and key to protect them further.
Although you can end up with a malware infection from clicking on malicious links, downloading email attachments from unknown senders and through piracy, one of the most common ways is via malicious apps either on official or unofficial app stores.
For this reason, you need to be extremely careful when putting any new app on your iPhone or Android phone. You want to make sure that you read an app's reviews and check its rating but since these can be faked, you also want to look for external reviews on other sites. If you can find one, video reviews are an even better option since you get to see an app in action before installing it.
It's also worth noting that even good apps can go bad when injected with malicious code which is why I always recommend limiting the number of apps you have installed on your devices. With fewer apps installed, there's less of a risk that you downloaded a malicious one or that a legitimate app has been hijacked by hackers.
Before downloading any new app, you first want to ask yourself if you really need it. It's likely one of your existing apps or even your phone's operating system is able to accomplish the same thing.
Additionally, you also want to stick to trusted and well-known apps when possible, and most people should never sideload any app onto their phone. The reason is that the apps on Apple's App Store and the Google Play Store go through rigorous security checks that both sideloaded apps and those from unofficial app stores don't.
Bad apps do manage to slip through the cracks from time to time. However, if you aren't carelessly downloading new ones, you'll be far less likely to accidentally install a malicious app.
As for staying safe from mobile malware, if you have an Android phone, you want to make sure that Google Play Protect is enabled on your devices. This free and built-in security app scans all of your existing apps and any new ones you download for malware or other malicious activity to keep you safe. For extra protection though, you might also want to consider running one of the best Android antivirus apps alongside it.
While there's no iPhone equivalent to these Android antivirus apps due to Apple's own malware scanning restrictions, the best Mac antivirus software from Intego is able to scan both your iPhone and iPad for malware, but they have to be plugged into a Mac via USB cable to do so.
Malicious apps aren't going anywhere anytime soon given how successful they've been for hackers in malware campaigns like the one described above. However, if you think before you tap and limit the number of apps on your phone overall, your chances of ending up with a malware infection after downloading a malicious app will be a lot lower.
Likewise, you also want to make sure that you talk to both your younger and older family members and friends about the risks posed by malicious apps in order to keep everyone you know safe from hackers.
