New SparkKitty malware targets crypto wallets
The Trojan hides in popular apps and uploads users’ photos to remote servers to extract wallet credentials.
A new Trojan dubbed SparkKitty is stealing sensitive data from mobile phones, potentially giving hackers access to cryptocurrency wallets.
Cybersecurity firm Kaspersky says the malware hides in fake crypto apps, gambling platforms, and TikTok clones, spread through deceptive installs.
Once installed, SparkKitty accesses photo galleries and uploads images to a remote server, likely searching for screenshots of wallet seed phrases. Though mainly active in China and Southeast Asia, experts warn it could spread globally.
SparkKitty appears linked to the SparkCat spyware campaign, which also targeted seed phrase images.
The malware is found on iOS and Android platforms, joining other crypto-focused threats like Noodlophile and LummaC2.
TRM Labs recently reported that nearly 70% of last year’s $2.2 billion in stolen crypto came from infrastructure attacks involving seed phrase theft.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
