SparkKitty spyware caught stealing photos on iPhone and Android — and the reason might surprise you


Tom's Guide, a day ago

Whether you use an iPhone or an Android phone, chances are, there's plenty of sensitive personal and financial information on your smartphone. While hackers have been known to go after your passwords, there's a new malware strain making the rounds online that also has your photo library in its sights.
As reported by BleepingComputer, both the best iPhones and the best Android phones are currently being targeted in a new campaign that uses SparkKitty to steal all of the images from an infected device.
According to the cybersecurity firm Kaspersky, this campaign has been active since February of last year. However, what sets it apart is the fact that the malware in question found its way onto both Apple's App Store and the Google Play Store.
If you thought the hackers behind this campaign were after your selfies, think again. Instead, they're looking for screenshots of crypto wallet seed phrases. For those unfamiliar, these very important phrases are the only way you can regain access to a crypto wallet if you forget your password. With them in hand though, hackers can easily drain all of your digital currency and good luck trying to get it back.
Here's everything you need to know about this new campaign along with some tips and tricks on how you can avoid having your Android phone or even your iPhone come down with a nasty malware infection.
Just like with many other malware campaigns, this one uses malicious apps to establish a foothold on targeted devices before infecting them with SparkKitty.
In its report on the matter, Kaspersky explains that the hackers behind this campaign used the SOEX messaging app, which also has cryptocurrency exchange features, to target Android users directly on the Google Play Store. Meanwhile, on iPhone, they used the 币coin app on Apple's App Store to achieve the same thing.
While Google has already removed the SOEX app from the Play Store, at the time of writing, the 币coin app is still up on the App Store and has yet to be removed by Apple. Either way, if you downloaded either of these apps, you should manually delete them right now.
At the same time, Kaspersky also found modded TikTok clones with fake online cryptocurrency stores as well as gambling apps, adult-themed games and casino apps distributing the SparkKitty malware. However, instead of being available on an official app store, these apps had to be sideloaded.
On iOS, SparkKitty is embedded as fake frameworks or delivered via enterprise provisioning profiles, whereas on Android, the malware is embedded in both Java and Kotlin apps. On an iPhone, the malware is automatically executed when an app starts, but on Android, it's triggered when an app launches or when a specific action, like opening a certain screen type, takes place.
To gain access to a victim's photo library on an iPhone, SparkKitty requests access to the photo gallery. On Android, the malicious app used to install the malware prompts the user to grant storage permissions so that it can access any images stored on their device. Either way, once installed, the malware begins exfiltrating both existing pictures and any new ones taken on an infected phone.
From there, the malware goes through all of these stolen images, specifically looking for screenshots of crypto wallet seed phrases. When you sign up for a new crypto wallet or exchange, you're given a seed phrase and told to write it down to store it for safekeeping.
Although taking a screenshot seems like a fast and practical way to do this, this campaign and others like it show just how dangerous doing this can be. This is why old-fashioned paper and pen is the best way to store your seed phrases. However, you should also store them under lock and key to protect them further.
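The Android infection path described above depends on the malicious app being granted storage permissions. As an added example (not from the original article or from Kaspersky's report), this Python script parses `adb shell dumpsys package` output and lists non-system apps that currently hold an image-access permission, putting apps that were not installed from Google Play first. The sample dump is constructed, and the field layout it assumes (`installerPackageName=`, `flags=[...]`, `granted=true`) can vary between Android versions.

```python
import re

# Runtime permissions that let an Android app read images from shared storage.
MEDIA_PERMS = {
    "android.permission.READ_EXTERNAL_STORAGE",
    "android.permission.WRITE_EXTERNAL_STORAGE",
    "android.permission.READ_MEDIA_IMAGES",
}
PLAY_STORE = "com.android.vending"

PKG_RE = re.compile(r"^\s*Package \[([^\]]+)\]")
FLAGS_RE = re.compile(r"^\s*(?:pkgFlags|flags)=\[([^\]]*)\]")
INSTALLER_RE = re.compile(r"^\s*installerPackageName=(\S+)")
GRANT_RE = re.compile(r"^\s*(android\.permission\.\w+): granted=true")

def audit(dump_text):
    """List non-system apps holding a granted image-access permission."""
    apps, cur = {}, None
    for line in dump_text.splitlines():
        if m := PKG_RE.match(line):
            cur = apps.setdefault(
                m.group(1), {"installer": None, "system": False, "perms": set()})
        elif line.lstrip().startswith("SharedUser ["):
            cur = None  # shared-UID blocks are not tied to a single package
        elif cur is None:
            continue
        elif m := FLAGS_RE.match(line):
            cur["system"] = cur["system"] or "SYSTEM" in m.group(1).split()
        elif m := INSTALLER_RE.match(line):
            cur["installer"] = None if m.group(1) == "null" else m.group(1)
        elif (m := GRANT_RE.match(line)) and m.group(1) in MEDIA_PERMS:
            cur["perms"].add(m.group(1))
    findings = [
        {"package": p, "installer": a["installer"], "perms": sorted(a["perms"]),
         "not_from_play": a["installer"] != PLAY_STORE}
        for p, a in apps.items() if a["perms"] and not a["system"]
    ]
    # Apps that did not come from Google Play are listed first for review.
    return sorted(findings, key=lambda f: (not f["not_from_play"], f["package"]))

# Constructed sample in the style of `adb shell dumpsys package` output;
# the package names are hypothetical.
SAMPLE = """\
Packages:
  Package [com.example.gallery] (1a2b3c):
    flags=[ HAS_CODE ALLOW_CLEAR_USER_DATA ]
    installerPackageName=com.android.vending
      android.permission.READ_MEDIA_IMAGES: granted=true, flags=[ USER_SET ]
      android.permission.CAMERA: granted=false, flags=[ USER_SET ]
  Package [com.example.sideloadedgame] (4d5e6f):
    flags=[ HAS_CODE ALLOW_CLEAR_USER_DATA ]
    installerPackageName=null
      android.permission.READ_EXTERNAL_STORAGE: granted=true, flags=[ USER_SET ]
      android.permission.WRITE_EXTERNAL_STORAGE: granted=true, flags=[ USER_SET ]
  Package [com.android.systemgallery] (0f0f0f):
    flags=[ SYSTEM HAS_CODE ]
    installerPackageName=null
      android.permission.READ_MEDIA_IMAGES: granted=true, flags=[ SYSTEM_FIXED ]
"""

if __name__ == "__main__":
    for f in audit(SAMPLE):
        print(f["package"], f["installer"], f["perms"], f["not_from_play"])
```

An app appearing in the list is not evidence of infection; the output is a review queue for revoking photo access or uninstalling apps you do not recognize.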
Although you can end up with a malware infection from clicking on malicious links, downloading email attachments from unknown senders and through piracy, one of the most common ways is via malicious apps either on official or unofficial app stores.
For this reason, you need to be extremely careful when putting any new app on your iPhone or Android phone. You want to make sure that you read an app's reviews and check its rating but since these can be faked, you also want to look for external reviews on other sites. If you can find one, video reviews are an even better option since you get to see an app in action before installing it.
It's also worth noting that even good apps can go bad when injected with malicious code which is why I always recommend limiting the number of apps you have installed on your devices. With fewer apps installed, there's less of a risk that you downloaded a malicious one or that a legitimate app has been hijacked by hackers.
Before downloading any new app, you first want to ask yourself if you really need it. It's likely one of your existing apps or even your phone's operating system is able to accomplish the same thing.
Additionally, you also want to stick to trusted and well-known apps when possible, and most people should never sideload any app onto their phone. The reason is that the apps on Apple's App Store and the Google Play Store go through rigorous security checks that both sideloaded apps and those from unofficial app stores don't.
Bad apps do manage to slip through the cracks from time to time. However, if you aren't carelessly downloading new ones, you'll be far less likely to accidentally install a malicious app.
As for staying safe from mobile malware, if you have an Android phone, you want to make sure that Google Play Protect is enabled on your devices. This free and built-in security app scans all of your existing apps and any new ones you download for malware or other malicious activity to keep you safe. For extra protection though, you might also want to consider running one of the best Android antivirus apps alongside it.
While there's no equivalent to these Android antivirus apps due to Apple's own malware scanning restrictions, the best Mac antivirus software from Intego is able to scan your iPhone or iPad for malware, but the device has to be plugged into a Mac via USB cable to do so.
Malicious apps aren't going anywhere anytime soon given how successful they've been for hackers in malware campaigns like the one described above. However, if you think before you tap and limit the number of apps on your phone overall, your chances of ending up with a malware infection after downloading a malicious app will be a lot lower.
Likewise, you also want to make sure that you talk to both your younger and older family members and friends about the risks posed by malicious apps in order to keep everyone you know safe from hackers.
