SparkKitty mobile malware targets Android and iPhone


Bad actors constantly seek all the personal information they can obtain, from your phone number to your government ID. Now a new threat targets both Android and iPhone users: SparkKitty, a powerful mobile malware strain that scans private photos to steal cryptocurrency recovery phrases and other confidential data.


What is SparkKitty mobile malware?

Researchers from the cybersecurity firm Kaspersky recently identified SparkKitty. This malware appears to be a successor to SparkCat, a campaign first reported earlier this year that used optical character recognition (OCR) to extract confidential data from images, including cryptocurrency recovery phrases.

SparkKitty goes even further than SparkCat. According to Kaspersky, SparkKitty uploads images from infected phones indiscriminately. This tactic exposes not only wallet data but also any personal or confidential photos stored on the device. While the main target appears to be crypto seed phrases, criminals could use other images for extortion or other malicious ends.

Kaspersky researchers report that SparkKitty has been active since at least February 2024. The attackers distributed it through both official and unofficial channels, including Google Play and the Apple App Store.


How SparkKitty malware infects Android and iPhone devices

Kaspersky found SparkKitty embedded in several applications, including one called 币coin on iOS and another, SOEX, on Android. Both applications are no longer available in their respective stores. SOEX, a messaging application with cryptocurrency-related features, reached more than 10,000 downloads on the Google Play Store before it was removed.

On iOS, the attackers deliver the malware through fake software frameworks or enterprise provisioning profiles, often disguised as legitimate components. Once installed, SparkKitty uses a method native to Apple's Objective-C programming language to run as soon as the application launches. It checks the application's internal configuration files to decide whether to run, then begins silently monitoring the user's photo library.

On Android, SparkKitty hides in applications written in Java or Kotlin and sometimes uses Xposed or other malicious modules. It activates when the application launches or after a specific screen is opened. The malware then decrypts a configuration file from a remote server and begins uploading images, device metadata and identifiers.


Why SparkKitty is more dangerous than previous malware

Unlike traditional spyware, SparkKitty focuses on photos, especially those that contain cryptocurrency recovery phrases, wallet screenshots, IDs or confidential documents. Instead of just monitoring activity, SparkKitty uploads images in bulk. This approach makes it easier for criminals to sift through and extract valuable personal data.

4 ways to protect your phone from SparkKitty mobile malware

1) Stick with trusted developers: Avoid downloading obscure applications, especially if they have few reviews or downloads. Always check the developer's name and history before installing anything.

2) Review app permissions: Be careful with applications that request access to your photos, messages or files without a clear reason. If something feels off, deny the permission or uninstall the application.

3) Keep your device updated: Install system and security updates as soon as they are available. These updates often patch the vulnerabilities that malware can exploit.

4) Use mobile security software: The best way to protect yourself from malicious software is to have strong antivirus software installed on all your devices. Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices by visiting Cyberguy.com/Lockupyoutech.
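
The permission review in tip 2 can be done across a whole Android device at once. The following is an added example, not code from this article or from Kaspersky's report: it parses the text printed by `adb shell dumpsys package` and lists every app that currently holds photo-library access, along with the installer that put it on the device. The sample input and package names are constructed, and the layout is trimmed to the fields the parser reads.

```python
import re

# Android permissions that grant read access to the photo library.
PHOTO_PERMS = {
    "android.permission.READ_MEDIA_IMAGES",      # Android 13 and later
    "android.permission.READ_EXTERNAL_STORAGE",  # Android 12 and earlier
}

# Constructed sample in the style of `adb shell dumpsys package` output.
# Package names are made up for illustration.
SAMPLE_DUMPSYS = """\
Packages:
  Package [com.example.chatwallet] (1a2b3c):
    installerPackageName=com.android.vending
    runtime permissions:
      android.permission.READ_MEDIA_IMAGES: granted=true, flags=[ USER_SET ]
      android.permission.CAMERA: granted=false
  Package [com.example.flashlight] (4d5e6f):
    installerPackageName=null
    runtime permissions:
      android.permission.READ_EXTERNAL_STORAGE: granted=true
  Package [com.example.notes] (7a8b9c):
    installerPackageName=com.android.vending
    runtime permissions:
      android.permission.READ_MEDIA_IMAGES: granted=false
"""

PKG_RE = re.compile(r"^\s*Package \[([^\]]+)\]")
INSTALLER_RE = re.compile(r"^\s*installerPackageName=(\S+)")
PERM_RE = re.compile(r"^\s*([\w.]+): granted=(true|false)")

def apps_with_photo_access(dumpsys_text):
    """Return {package: {"installer": str, "perms": [granted photo permissions]}}."""
    apps, current = {}, None
    for line in dumpsys_text.splitlines():
        if m := PKG_RE.match(line):
            current = apps.setdefault(m.group(1), {"installer": "unknown", "perms": []})
        elif current is None:
            continue  # header lines before the first package entry
        elif m := INSTALLER_RE.match(line):
            current["installer"] = m.group(1)
        elif (m := PERM_RE.match(line)) and m.group(2) == "true" and m.group(1) in PHOTO_PERMS:
            current["perms"].append(m.group(1))
    # Keep only the apps that can actually read photos right now.
    return {pkg: info for pkg, info in apps.items() if info["perms"]}

if __name__ == "__main__":
    for pkg, info in apps_with_photo_access(SAMPLE_DUMPSYS).items():
        print(f"{pkg}  installer={info['installer']}  {', '.join(info['perms'])}")
```

Because the article notes that infected apps were distributed through Google Play as well, an official installer in the output does not clear an app; the list is a starting point for asking whether each app has a clear reason to read photos.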

Kurt's key takeaway

Both Apple and Google removed the identified applications after being alerted, but questions remain about how SparkKitty got past their app review processes in the first place. As application stores grow in both volume and complexity, the tools used to screen them must evolve at the same pace. Otherwise, incidents like this will continue to slip through the cracks.

Do you think Google and Apple are doing enough to protect users from mobile malware and evolving security threats? Let us know at Cyberguy.com/contact.


Copyright 2025 Cyberguy.com. All rights reserved.

Kurt “Cyberguy” Knutsson is an award-winning technology journalist who has a deep love for technology, equipment and devices that improve life, with his contributions for News & News Business Startzing Mornings in “News & Friends”. Do you have a technology question? Get Kurt’s free newsletter, share your voice, a story idea or comment at Cyberguy.com.
