Kaspersky Lab has identified a new virus that penetrates smartphones through fake applications in the App Store and Google Play. This Trojan steals data from photos and can be found in 20 different programs: from messengers to AI assistants and crypto exchanges. This was reported by a company representative. He specified that users have downloaded programs with a malicious framework from Google Play more than 242,000 times.
The SparkCat Trojan looks like a regular application, but after installation and launch, it requests access to photos. It then uses OCR (optical character recognition) technology to analyze text in images in the gallery. If the stealer finds keywords, it sends these images to attackers.
Experts believe that the creators of such "Trojans" want to gain access to people's crypto wallets. To do this, they use seed phrases to steal other people's digital assets. Viruses can also search for messages and passwords if they are in screenshots.
Sergey Puzan from Kaspersky Lab said that this is the first case when malicious software that steals user data was embedded in an application from the App Store.
This campaign destroys the stereotype that there are no malicious applications for iOS, and Android threats are not relevant for Apple device owners.
Timofey Voronin, Deputy Director for Technology Transfer at the Center for the National Technological Initiative "Technologies for Storing and Analyzing Big Data" at Moscow State University, said that previously only owners of Android devices faced a similar problem. For example, in 2023, the CherryBloss and FakeTrade Trojans, disguised as applications for mining and online shopping, infected devices on this operating system and searched for confidential information in images. Their main goal was to gain access to the crypto wallet.
In 2024, cyber fraudsters stole up to 300 billion rubles from Russians. Currently, a unified national platform is being developed to combat fraud. This platform will allow for the rapid detection and blocking of phishing sites, as well as phone numbers and bank accounts of fraudsters. In addition, the system will track suspicious financial transactions, which will help prevent theft and protect users.
Read materials on the topic:
Be vigilant: top 3 most common fraudulent schemes in 2025
The number of reconnaissance hacker attacks on sites in Russia due to AI has increased by 220%
Fraudsters steal data from Russians via free Wi-Fi at airports
Hackers break into smart devices in homes and make them "work" for themselves
How to reduce your digital footprint on the Internet: several effective ways