Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
Apple and Google have pulled up about 20 apps from their respective App Store when security researchers find that apps have been carrying data-steamed malware for about a year.
Casparsky Malware saysDubbed Sparkkat is active since March 2021. Initially researchers found the contaminated structure in a food distribution app used in the United Arab Emirates and Indonesia, but later they received the malware in 5, related applications, which they were downloaded more than 242,000 times via Google’s Play Store.
Using the code designed to capture the visible text on the user’s display – known as the Optical Character Recognition (OCR) – researchers scanned the image galleries on Victim’s device for keywords, which are recovered phrases for cryptocurrency wallets in English, Chinese Scanned, Japanese and Korean.
A victim’s recovery phrases using malware to capture the attackers have found researchers to gain complete control over a victim’s wallet and steal their funds.
Malware may enable screenshots such as messages and passwords to exhaust personal information, researchers say.
After receiving the report from researchers, Apple pulled the compromised applications from the App Store last week, then Google.
Google spokesman Ed Fernandez told TechCrunch, “All the marked applications have been removed from the Google Play, and developers have been banned.”
Google spokesperson also confirmed that Android users were protected from the familiar versions of this malware through the built -in Google Play Security Protection feature.
Apple did not respond to the requests for comment.
Caspersky spokesman Rosemari Gonzales TechCrunch told the report that the reports were drawn from the official app stores showed that the malware was also available from other websites and non-private app stores.
