In brief
- The Trojan steals images from phones, likely to extract seed phrases.
- It is distributed through App Store, Google Play, and third-party sites.
- Kaspersky has linked it to the prior SparkCat spyware campaign.
A newly discovered Trojan dubbed “SparkKitty” is infecting smartphones and siphoning off sensitive data, potentially enabling attackers to drain victims’ cryptocurrency wallets, cybersecurity firm Kaspersky said in a report on Tuesday.
The malware is embedded in apps related to crypto trading, gambling, and even modified versions of TikTok.
Once installed via deceptive provisioning profiles—used for running iOS apps or modified apps—SparkKitty requests access to the photo gallery. It monitors for changes, creates a local…
Jun 25 2025
