Useful information

Prime News delivers timely, accurate news and insights on global events, politics, business, and technology

Kaspersky researchers find screen reading malware at the App Store and Google Play

Kaspersky researchers have identified the malware that is distributed within the applications in the mobile android and iOS mobile showcases. Dmitry Kalinin and Sergey Puzan shared their investigation In a malware campaign, they have called Sparkcat, which has probably been active since March 2024.

"We cannot confirm with certainty if the infection was the result of an attack of the supply chain or a deliberate action by the developers," The couple wrote. "Some of the applications, such as food delivery services, seemed to be legitimate, while others had apparently been built to attract victims." They said that Sparkcat is a stealthy operation that at a glance seems to be requesting normal or harmless permits.

On February 6, Kaspersky updated his report to take into account that the affected applications had been deleted from the App Store. Apple confirmed that it had deleted the 11 applications, added that the applications shared code with 89 applications that had previously been rejected or deleted from the store.

The malware in question uses the recognition of optical characters (OCR) to review the photo library of a device, looking for screenshots of recovery phrases for cryptographic wallets. According to its evaluation, Google Play infected applications have been downloaded more than 242,000 times. Kaspersky says "This is the first known case of an application infected with OCR Spyware found in the Official Apple Applications Market."

Apple often promotes the rigorous security of the App Store, and although the cases of malware that appear have been rare, this discovery is a reminder that the walled garden is not waterproof to attacks.

Update, February 6, 2025, 5:15 pm et: Revised to observe an update of Kaspersky’s report on the applications that are deleted from the App Store, as well as additional Apple context.

This article originally appeared in Engadget at https://www.engadget.com/cybersecury/kaspersky-researchers-find-screenshot-reading-malware-on-the-app-store-and-google-play-211011103.html?src = RSS
Discounts
Source link

Leave a Reply

Your email address will not be published. Required fields are marked *

Trending now

Los Angeles fire death toll rises to 24 as strong winds expected
Los Angeles fire death toll rises to 24 as strong winds expected
Firefighters continually fight to control Los Angeles wildfires after 3 days
Firefighters continually fight to control Los Angeles wildfires after 3 days
California prohibits cancellation and non-renewal of insurance in areas of Los Angeles affected by fires
California prohibits cancellation and non-renewal of insurance in areas of Los Angeles affected by fires
Luigi Mangione Pleads Not Guilty to Murder, Terrorism Charges in Killing of UnitedHealthcare CEO