Apple and Google have pulled up to 20 applications from their respective application stores, as security researchers have found that applications carry malware that steal data for almost a year.
Security researchers at Kaspersky said the malicious softwareNamed Sparkcat, was active since March 2024. Initially, researchers found the malicious framework within a food delivery application used in the United Arab Emirates and Indonesia, but later found malicious software in other 19, irrelevant applications, They say they had been received a tubular more than 242,000 times through the Google Play Store.
Using code designed to record the text visible on the user’s screen – known as visual recognition (OCR) – Researchers found that malware scans the image galleries on victims for words – keystones to find recovery phrases for encryption wallets in different languages, including English. Chinese, Japanese and Korean.
Using malware to capture a victim’s recovery phrases, attackers could gain complete control of a victim’s wallet and steal their funds, according to researchers.
Malicious software could also allow the export of personal information from screenshots, such as messages and passwords, the researchers said.
After receiving the report by the researchers, Apple pulled the compromised applications from the App Store last week, followed by Google.
“All recognized applications have been removed from Google Play and developers have been banned,” Google Ed Fernandez spokesman in TechCrunch said.
The Google spokesman also confirmed that Android users were protected from well -known versions of this malicious software through the built -in Google Play Protect security mode.
Apple did not respond to requests for comments.
Kaspersky Rosemarie Gonzales spokesman told TechCrunch that while reported applications were pulled by official application stores, the company’s telemetry data suggest that malware was also available from other sites and unpaid applications.
