A new Trojan spy known as SparkKitty targets sensitive information from screenshots stored in your gallery, particularly seed phrases for crypto wallets. The malware, likely connected to the infamous SparkCat data stealer, focuses on financial data and has been detected on both Android and iOS devices.
SparkKitty uses two tactics: copying all images in your gallery or using OCR (Optical Character Recognition) to find specific images related to financial information. This makes it a significant threat to cryptocurrency users who store their seed phrases offline.
The malware comes from legitimate-looking downloads, including messaging apps, crypto trading apps, and other apps that may not be what they seem. If installed, SparkKitty searches your gallery and sends sensitive data to nefarious parties who can wipe out wallets or target other accounts.
To stay protected from SparkKitty and similar malware:
* Check app permissions in your phone’s settings and revoke access to unnecessary features.
* Only install apps from official app stores, even if an app offered elsewhere seems legitimate.
* Avoid saving screenshots of sensitive information, such as IDs, passwords, or seed phrases. Instead, delete them or store them securely.
By taking these precautions, you can reduce the risk of falling victim to SparkKitty and other malware.
Source: https://www.zdnet.com/article/you-should-probably-delete-any-sensitive-screenshots-you-have-in-your-phone-right-now-heres-why