TechFlow news, June 24 — According to Cointelegraph, cybersecurity company Kaspersky has discovered a new malicious virus named SparkKitty. This virus infects apps on iOS and Android devices to steal all images from users' photo galleries, aiming to find screenshots of cryptocurrency wallet recovery phrases.
Kaspersky analysts reported identifying two applications used to spread the malware: a cryptocurrency information tracking app called "BiCion" on the App Store, and SOEX, a messaging app with "cryptocurrency trading features" on Google Play that had been downloaded over 10,000 times.
Researchers believe SparkKitty shares the same origin as SparkCat, a malicious virus discovered in January, as both exhibit similar characteristics. The malicious campaign has been active since at least early 2024, primarily targeting users in Southeast Asia and China, though it technically can affect users in any region. Kaspersky has notified Google, and the related apps have been removed from app stores.
