Kaspersky Uncovers SparkKitty Spyware Targeting Crypto Seed Phrases via Official App Stores

BTCC / BTCC Square / Global Cryptocurrency /

Author:

Release Time:

2025-06-24 14:53:01

BTCCSquare news:

Kaspersky researchers have identified a new mobile malware campaign dubbed SparkKitty, which stealthily harvests cryptocurrency seed phrases from compromised devices. The spyware infiltrates both iOS and Android platforms through official app distribution channels, including Google Play and the App Store, masquerading as legitimate software libraries.

The malware employs optical character recognition (OCR) to scan device screenshots for sensitive crypto wallet information. Android variants written in Kotlin function as malicious Xposed modules, while iOS payloads disguise themselves as common development frameworks like AFNetworking or Alamofire. Google has already removed identified malicious apps from Play Store following researcher notifications.

This discovery follows Kaspersky's earlier exposure of the SparkCat malware targeting cryptocurrency wallets, suggesting an escalating threat landscape for digital asset holders. The campaign has been operational since at least January 2025, with attackers evolving their techniques to bypass platform security measures.

By:

Log in to Reply

Goldman Sachs and Citadel Back Digital Asset’s Canton Network in $135M Funding Round

Articles on this site are sourced from public networks or curated by AI for informational purposes only and do not represent BTCC’s views. Original rights belong to the respective authors. For copyright concerns, please contact [email protected]. BTCC assumes no liability for the accuracy, timeliness, or completeness of this information, and disclaims all liability arising from reliance on such content. This content is for reference only and should not be taken as investment, legal, or commercial advice.