Kaspersky Uncovers SparkKitty Malware Targeting Crypto Users

Coin WorldTuesday, Jun 24, 2025 2:27 am ET

1min read

Cybersecurity firm Kaspersky has identified a new malware threat known as SparkKitty, which targets both iOS and Android devices with the aim of stealing photos that may contain cryptocurrency seed phrases. The malware infiltrates various apps available on the

Apple

App Store and

Google

Play, indiscriminately stealing all images from the infected device's photo gallery. While the primary objective appears to be the acquisition of crypto wallet seed phrases, other sensitive data present in the stolen images could also be compromised.

The malicious apps used to deliver SparkKitty are often themed around cryptocurrency. Two notable examples include 币coin, a crypto information tracker available on the App Store, and SOEX, a messaging app with crypto exchange features found on Google Play. SOEX, which was installed over 10,000 times before being removed, highlights the potential reach of this malware. Additionally, SparkKitty has been found in casino apps, adult-themed games, and malicious TikTok clones, indicating a broad range of distribution methods.

SparkKitty shares similarities with another malware, SparkCat, which was identified earlier this year. Both malware variants are believed to originate from the same source due to their shared features and file paths. Unlike SparkCat, SparkKitty does not discriminate in the photos it steals, making it a more indiscriminate threat. The campaign has been active since at least the beginning of 2024, posing a significant risk to users.

The primary targets of this malware campaign are users in Southeast Asia and China, as the infected apps include various Chinese gambling games, TikTok, and adult games. However, the malware is not technically limited to these regions and could potentially affect users globally. The widespread distribution and indiscriminate nature of SparkKitty underscore the importance of vigilance and robust cybersecurity measures to protect sensitive information, particularly in the context of cryptocurrency wallets.

Comments

﻿

Add a public comment...

No comments yet

Disclaimer: The news articles available on this platform are generated in whole or in part by artificial intelligence and may not have been reviewed or fact checked by human editors. While we make reasonable efforts to ensure the quality and accuracy of the content, we make no representations or warranties, express or implied, as to the truthfulness, reliability, completeness, or timeliness of any information provided. It is your sole responsibility to independently verify any facts, statements, or claims prior to acting upon them. Ainvest Fintech Inc expressly disclaims all liability for any loss, damage, or harm arising from the use of or reliance on AI-generated content, including but not limited to direct, indirect, incidental, or consequential damages.