Rare Screenshot-Grabbing Malware Found on Apple App Store
PCMag editors select and review products independently. If you buy through affiliate links, we may earn commissions, which help support our testing.
In what appears to be a first, a strain of malware that can secretly steal screenshots from smartphones has infiltrated the Apple App Store.
The so-called 'SparkCat' malware was discovered late last year secretly embedded in an iOS app called 'ComeCome-Chinese Food Delivery,' according to antivirus provider Kaspersky.
SparkCat works by secretly deploying a character-recognition tool, enabling it to read text from stored images and seek out select keywords. If the desired words are found, the malware will then send the image to a hacker-controlled server.
'The [search] terms all indicated that the attackers were financially motivated, specifically targeting recovery phrases also known as 'mnemonics' that can be used to regain access to cryptocurrency wallets,' Kaspersky concluded.
The antivirus provider's investigation also found that the malware will seek keywords in languages including Chinese, Japanese, Korean, English, Czech, French, Italian, Polish, and Portuguese. This suggests the attack was devised to prey on users in Europe and Asia.
'It must be noted that the malware is flexible enough to steal not just these phrases but also other sensitive data from the gallery, such as messages or passwords that might have been captured in screenshots,' Kaspersky said.
The malicious code was also found in a few other iOS Apps, such as "AnyGPT" and "WeTink." The findings prompted Apple to remove a total of 11 iOS apps from its official store.
Apple also told PCMag that the 11 apps shared computer code with 89 other iOS apps, which have also been removed or rejected. In addition, the developer accounts behind the apps have been terminated.
Despite the malicious threat, Apple also noted that starting in iOS 14, the PhotoKit API lets users select only specific photos or videos to share with an app, rather than providing full access to the entire library. The company added that it has no tolerance for malicious activity and designed its app store to be safe and private for users.
Kaspersky uncovered the iOS malware after spotting the malicious code operating through a variety of infected apps on the Google Play Store. Those apps were downloaded more than 242,000 times via Google Play and also circulated through unofficial app stores.
"Analyzing Android versions of the malware, Kaspersky experts found comments in the code written in Chinese," it said. "Additionally, the iOS version contained developer home directory names, 'qiongwu' and 'quiwengjing,'" suggesting that the threat actors are fluent in Chinese.
Google didn't immediately respond to a request for comment. But Kaspersky says its notified Google about the malware, too.
It's unclear how so many apps became infected with the malware. Some of the infected apps appear to be legitimate food delivery services while others seem to be fake programs meant to bait users. In the meantime, Kaspersky says: 'This case once again shatters the myth that iOS is somehow impervious to threats posed by malicious apps targeting Android.'
This story has been updated with comment from Apple.
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Android Authority
38 minutes ago
- Android Authority
No action needed: Gmail now saves you time with automatic email summaries
Edgar Cervantes / Android Authority TL;DR Gmail on smartphones now automatically offers AI-generated summaries for some emails. Google says this applies to situations like long email threads and messages with several replies. The feature is available today for Gmail on Android and iOS. Google has been on a quest to bring generative AI to many of its apps and services, and Gmail is no exception. The company currently offers AI tools like writing assistance and summaries, and it's now making the latter feature more prominent. Google revealed on its Workspace Updates blog that AI-generated summaries will now automatically show at the top of some emails in Gmail for Android and iOS. Previously, you'd need to tap the 'summarize this email' button in the app to generate a summary. These summaries would be displayed in emails where a summary is deemed helpful. The company specifically gives examples like longer email threads or messages with several replies. 'Gemini will synthesize all the key points from the email thread and any replies thereafter will also be a part of the synopsis, keeping all summaries up to date,' Google explains. How often do you use AI features in Gmail? 0 votes All the time! NaN % I use them now and again NaN % I don't use AI in Gmail NaN % Google says this feature is available today in English, although it might take up to 15 days to see it. The company adds that you can still manually trigger AI-generated summaries for emails by tapping the 'summarize this email' button. That's useful if the automatic summary hasn't kicked in for your desired message or thread. These automatic summaries should be helpful for many people, although the scattershot nature of generative AI means you should still check the entirety of more important email threads. Don't care for these summaries? You can disable them by disabling Gemini integration in Gmail, but you do lose out on other Gemini features (e.g. the Gemini chatbot) by doing this. Got a tip? Talk to us! Email our staff at Email our staff at news@ . You can stay anonymous or get credit for the info, it's your choice.
CNET
40 minutes ago
- CNET
No iOS 19? Apple's WWDC 25 Will Have Surprises (but Don't Expect Siri)
Apple is about to show off its latest software tricks to the world on June 9 at its annual Worldwide Developers Conference. But don't count on hearing much about an improved Siri -- the delayed Apple Intelligence updates seem to need more time. Instead, we're expecting a number of other big updates to distract us -- including a new glassy design and a new naming system across all of Apple's family of operating systems. According to a Bloomberg report, Apple's OS numbering will all match corresponding to the corresponding year ahead. So instead of talking about iOS 19, WatchOS 12, and MacOS 15, it would be iOS 26, WatchOS 26, MacOS 26 -- and the same for iPadOS 26, TVOS 26 and VisionOS 26. In this episode of One More Thing, embedded above, I'll go over some of the big news that could come at WWDC, including possible live language translation abilities for AirPods. Another thing to distract while we wait for Siri's update: a new Apple video game app coming to iPhone, iPad and Apple TV set top box. Perhaps it could get you thinking about playing more games on Apple (and just days after Nintendo releases the Switch 2). It's not too surprising that Apple wants to talk games since it just bought its first game studio. This will be an important presentation for Apple to show the progress it has made in the field of AI. It's been one year since Apple Intelligence made its debut, but even if some Siri tricks are delayed, could there be other perks released? Rumors buzz about AI helping with improving battery life -- and also your own life, with a rumored AI health coach. If you're looking for more One More Thing, subscribe to our YouTube page to catch Bridget Carey breaking down the latest Apple news and issues every Friday.
Engadget
40 minutes ago
- Engadget
The Gmail app can automatically summarize those long email threads
Gmail will now automatically show you a summary card for lengthy email threads if you check a Google Workspace account on the iOS or the Android app. The company introduced AI summaries last year when it rolled out Gemini side panels for Docs, Sheets, Slides, Drive and Gmail. However, you'd have had to manually tap the "Summarize this email" option at the top of emails before if you wanted to see a thread's contents at a glance. Now, the summary will show up at the top of the email the moment you open a thread. Google's AI assistant will write up key points from multiple messages and include them in the summary. It will keep re-generating that summary and keeping it up to date as more replies come in. At the moment, however, the feature will only work for emails written in English. Also, your personalization smart features in Gmail, Chat and Meet, as well as smart features in Google Workspace, have to be switched on. As The Verge notes, Google didn't say whether it will also make auto-summaries available on non-Workspace accounts and Gmail on desktop. But you can always tap the "Summarize this email" option at the top whenever auto-summary isn't available for you. In addition to summarizing emails, Gemini in Gmail can help you draft new emails and help you find information from within your inbox or from your Drive files. At I/O 2025, Google CEO Sundar Pichai introduced Personalized Smart Replies, an upcoming feature that can look at your past emails and files to draft a response containing relevant information in the tone you typically use when you write.
