Alert: SparkKitty Malware Targets Crypto Wallet Seed Phrases
Kaspersky, a global leader in cybersecurity, has issued an urgent warning about SparkKitty malware, a newly identified threat stealing sensitive data from mobile devices. This malicious software specifically targets screenshots containing cryptocurrency wallet seed phrases, compromising digital asset security. Active since January 2024, the malware infiltrates both iOS and Android systems through seemingly legitimate apps on official app stores.
How SparkKitty Compromises Devices
Upon infection, SparkKitty scans and exfiltrates all images from a device’s gallery. Sergey Puzan and Dmitry Kalinin, security researchers at Kaspersky, emphasize that while the primary target is cryptocurrency recovery phrases, all personal photos become vulnerable. The malware spreads through:
- 币coin: A cryptocurrency tracking application available on Apple’s App Store
- SOEX: A messaging platform with built-in crypto exchange features distributed via Google Play
Essential Protection Measures
To safeguard against SparkKitty and similar threats:
- Download applications only from trusted developers
- Maintain current operating system and security patches
- Install reputable mobile security software
- Never store sensitive financial information in photo galleries
This incident underscores the growing sophistication of mobile malware targeting cryptocurrency users worldwide.
