This malware steals screenshots from your device: Everything to know about SparkKitty


Indian Express, 26-06-2025
A newly identified mobile malware named SparkKitty is targeting smartphone users through fake applications, stealing images from their photo galleries, including screenshots. These screenshots may contain cryptocurrency wallet recovery phrases or other sensitive details. The Trojan has been detected on both Android and iOS, and experts warn it poses a serious risk to the growing number of people managing digital assets on their phones.
SparkKitty is classified as a Trojan virus, meaning it disguises itself as a genuine app but performs harmful actions in the background. Security researchers have found that it embeds itself in various fake apps, including crypto converters, messaging apps, and unofficial versions of the social media app TikTok. Some of these apps were even listed on official app stores before being taken down.
SparkKitty appears to be a mobile version of an earlier malware known as SparkCat, which targeted macOS and Windows systems a few years ago. Researchers at SecureList, a research wing of Kaspersky, found notable overlaps between the two malware families, suggesting a shift in attackers' tactics toward smartphones as users increasingly rely on them to store and manage financial information.
Once a user installs a fake app with SparkKitty embedded, it requests access to the phone's photo gallery. On Android, it scans all images using built-in tools to detect text within screenshots, especially those showing wallet recovery phrases or QR codes. On iPhones, the malware uses common coding libraries to bypass system restrictions and access stored photos and device information, as reported by cybersecurity firm Kaspersky, which originally discovered the virus.
The primary purpose of SparkKitty is to gain control of users' cryptocurrency wallets. Many people store their wallet seed phrases (phrases that store all the information needed to recover Bitcoin funds) as screenshots for convenience, unaware that these unprotected images can be easily accessed by malware. Once these images are stolen, attackers can use the information to recover the wallets and transfer out the funds without the user's knowledge.
Although the malware has mainly been found targeting users in Southeast Asia and China, cybersecurity experts caution that its distribution methods could allow it to spread globally. SparkKitty has been circulated through both official platforms, like the Play Store and App Store, and unofficial sources that offer pirated applications. Its use of misleading app names, convincing icons, and fake user reviews makes it difficult for average users to identify the threat.
To stay protected from SparkKitty and similar threats, users are advised not to store sensitive information like bank account details, passwords, and recovery information as screenshots. Instead, security experts recommend writing them down and storing them securely offline.
Apps should only be granted access to photos when absolutely necessary, and users should regularly review their app permissions. Suspicious apps, even those downloaded from your phone's official app store, should be removed, and devices should be kept updated with the latest security patches.
Tools like Google Play Protect or reputable mobile antivirus software can also help detect malicious activity.
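One way to carry out the permission review described above on Android from a computer, as an added example that is not part of the original article: it lists every installed app that currently holds a granted photo-read permission. It assumes adb is installed and USB debugging is enabled; the function names and the sample package names are constructed for illustration.

```shell
#!/bin/sh
# Added example: report apps that have been GRANTED access to the photo gallery.
# Reads the text of `dumpsys package` on stdin and prints "package permission"
# for READ_MEDIA_IMAGES (Android 13+) and READ_EXTERNAL_STORAGE (older versions).
photo_access_report() {
  awk '
    # Remember which package block we are inside.
    /^ *Package \[/ {
      pkg = $0
      sub(/^ *Package \[/, "", pkg)
      sub(/\].*$/, "", pkg)
      next
    }
    # Only runtime-permission lines carry "granted=..."; lines under
    # "requested permissions:" have no such suffix and are ignored.
    /android\.permission\.(READ_MEDIA_IMAGES|READ_EXTERNAL_STORAGE): granted=true/ {
      perm = $1
      sub(/:$/, "", perm)
      print pkg, perm
    }
  '
}

# Constructed sample in the layout printed by `dumpsys package`, so the
# example runs offline. Package names are made up.
sample_dump() {
  cat <<'EOF'
Packages:
  Package [com.example.converter] (1a2b3c):
    requested permissions:
      android.permission.INTERNET
      android.permission.READ_MEDIA_IMAGES
    runtime permissions:
      android.permission.READ_MEDIA_IMAGES: granted=true, flags=[ USER_SET]
  Package [com.example.notes] (4d5e6f):
    runtime permissions:
      android.permission.READ_MEDIA_IMAGES: granted=false, flags=[ USER_SET]
      android.permission.CAMERA: granted=true, flags=[ USER_SET]
  Package [com.example.gallery] (7a8b9c):
    runtime permissions:
      android.permission.READ_EXTERNAL_STORAGE: granted=true, flags=[ USER_SET]
EOF
}

# Offline demonstration. On a real device, use instead:
#   adb shell dumpsys package | photo_access_report
sample_dump | photo_access_report
```

Any app in the report that has no obvious need for the gallery is a candidate for having the permission revoked in the phone's settings, or for removal.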
(This article has been curated by Arfan Jeelany, who is an intern with The Indian Express)