There are malware-infected apps on Google’s Play Store and Apple’s App Store that target crypto wallet users, according to Cybersecurity firm Kaspersky.
The firm’s researchers recently published a report stating that they have identified malware-infected apps on these mobile app stores that steal crypto wallet recovery phrases. The malware, known as SparkCat, was embedded in seemingly legitimate apps, including WeTink, AnyGPT, and ComeCome, which were also available on Google Play.
According to Kaspersky’s report, these apps used Optical Character Recognition (OCR) technology to scan users’ photo libraries for sensitive data. The stolen information was transmitted to attackers’ remote servers, potentially leading to financial losses.
SparkCat was built on a custom protocol built in Rust, an uncommon choice for mobile malware and requests photo library access under the guise of normal app features like chat support, so detection is difficult.
The cybersecurity firm claimed that the malware has been active since March 2024, and its appearance in the iOS ecosystem, a platform known for its strict security measures, marks a notable escalation.
Apple has yet to issue an official statement, but industry insiders anticipate security updates in response.
Meanwhile, Kaspersky’s report comes on the heels of a new report from blockchain analytics firm ScamSniffer that phishing scams cost crypto users over $10.2 million in January 2025. The firm claimed that although losses dropped 56% from December 2024, transaction simulation spoofing- a process where attackers exploit fraudulent signatures to authorize transactions of crypto wallets, is emerged as a key threat. More than 9,000 victims were reportedly affected, with some losing hundreds of thousands in a single day.
Security experts, including those from Kaspersky, advise users to avoid storing recovery phrases as screenshots and to transfer assets to new wallets if compromise is suspected. Kaspersky has pledged continued monitoring and reporting on emerging threats in the crypto space.
If you want to read more news articles like this, visit DeFi Planet and follow us on Twitter, LinkedIn, Facebook, Instagram, and CoinMarketCap Community.
“Take control of your crypto portfolio with MARKETS PRO, DeFi Planet’s suite of analytics tools.”
