Congratulations, Your TikTok App Just Robbed You: New Spyware SparkKitty Prowls App Store and Google Play

Kaspersky has uncovered a new mobile spyware threat called SparkKitty that targets both iOS and Android users through crypto, gambling, and fake TikTok apps.

The Trojan was found embedded in apps distributed not just via shady websites but also through the supposedly safe havens of Google Play and the App Store.

SparkKitty quietly sends photos and device data from infected phones to cybercriminals who appear to be focused on stealing cryptocurrency, especially from users in Southeast Asia, including the Philippines.

The malware campaign uses developer tools to sneak past Apple’s gatekeeping, with one Trojan posing as a crypto app named 币coin and others masquerading as TikTok or gambling platforms.

On Android, a fake messenger app with crypto exchange features, SOEX, racked up over 10,000 downloads from Google Play before its true nature was discovered.

Scam websites and social media platforms like YouTube were used to promote infected apps, pushing unsuspecting users to hand over their digital lives wrapped in a sleek crypto-themed user interface.

Once installed, the apps behaved like the real deal while secretly scraping photo galleries for screenshots that might contain crypto wallet recovery phrases.

SparkKitty appears to be the malicious offspring of the earlier SparkCat malware, which had similar crypto-stealing functionality and holds the honor of being the first known iOS Trojan with built-in OCR.

This marks the second time in a year that Kaspersky has identified full-fledged spyware sneaking into the App Store, further eroding any illusions of Apple’s walled garden.

Security experts advise users to delete infected apps, avoid storing sensitive screenshots, and be suspicious of any app that wants access to photo galleries just to trade coins or watch videos.

And yes, Kaspersky recommends using their own security software to fend off the very threats they just uncovered — how convenient.

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Discover more from TBC News

Subscribe now to keep reading and get access to the full archive.

Continue reading